Does Announcer – Sticky Message Banner & Notification Bar have any unpatched vulnerabilities?

No. All known vulnerabilities in Announcer – Sticky Message Banner & Notification Bar have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Announcer – Sticky Message Banner & Notification Bar compatible with WordPress 6.9.4?

According to WordPress.org data, Announcer – Sticky Message Banner & Notification Bar 6.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Announcer – Sticky Message Banner & Notification Bar compatible with PHP 5.3+?

Announcer – Sticky Message Banner & Notification Bar requires PHP 5.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

What is Announcer – Sticky Message Banner & Notification Bar's security score?

Announcer – Sticky Message Banner & Notification Bar has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Announcer – Sticky Message Banner & Notification Bar Security & Risk Analysis

wordpress.org/plugins/announcer

Add customizable WordPress notification bar to display announcements, promotions, coupons, or news at the top or bottom of your website.

10K active installs v6.3 PHP 5.3+ WP 4.4+ Updated Mar 10, 2026

bannerbarnotice-barnotification-barsticky-header

A · Safe

CVEs total1

Unpatched0

Last CVEApr 5, 2024

Plugin page Download

Safety Verdict

Is Announcer – Sticky Message Banner & Notification Bar Safe to Use in 2026?

Generally Safe

Score 99/100

Announcer – Sticky Message Banner & Notification Bar has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Apr 5, 2024Updated 23d ago

Risk Assessment

The "announcer" plugin v6.3 exhibits a generally positive security posture due to its limited attack surface and adherence to good coding practices like prepared SQL statements and the use of nonces and capability checks. The complete absence of raw SQL queries and file operations, along with no external HTTP requests, are significant strengths. However, the plugin's output escaping is a notable concern, with only 55% of outputs being properly escaped. This leaves a substantial portion of its output potentially vulnerable to cross-site scripting (XSS) attacks, especially given the presence of AJAX handlers which are common vectors for such vulnerabilities. The vulnerability history indicates a past medium severity vulnerability related to missing authorization, which, while currently patched, suggests a potential for future authorization issues if not carefully maintained. The lack of taint analysis results is also a point of observation; while it might indicate no critical flows were found, it could also mean a comprehensive taint analysis wasn't performed. Overall, the plugin has a solid foundation but requires attention to its output escaping to mitigate XSS risks and continued vigilance regarding authorization.

Key Concerns

Insufficient output escaping
Past medium severity vulnerability (Missing Authorization)

Vulnerabilities

Announcer – Sticky Message Banner & Notification Bar Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2024-31261medium · 4.3Missing Authorization

Announcer – Notification & message bars <= 6.0 - Missing Authorization

Apr 5, 2024 Patched in 6.0.1 (6d)

Code Analysis

Analyzed Mar 16, 2026

Announcer – Sticky Message Banner & Notification Bar Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

52 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

55% escaped94 total outputs

Attack Surface

Announcer – Sticky Message Banner & Notification Bar Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_announceradmin\edit.php:15

WordPress Hooks 12

actioninitadmin\admin.php:11

actioninitadmin\admin.php:13

actionadmin_enqueue_scriptsadmin\admin.php:15

actionadmin_menuadmin\admin.php:19

actionadmin_footeradmin\admin.php:21

actionadd_meta_boxesadmin\edit.php:9

actionedit_form_after_titleadmin\edit.php:11

actionpost_submitbox_minor_actionsadmin\settings-form.php:11

actionplugins_loadedannouncer.php:28

actionwp_enqueue_scriptsincludes\display.php:11

actionwp_footerincludes\display.php:13

actionadmin_footerincludes\location-rules\index.php:42

Maintenance & Trust

Announcer – Sticky Message Banner & Notification Bar Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 10, 2026

PHP min version5.3

Downloads199K

Community Trust

Rating96/100

Number of ratings40

Active installs10K

Alternatives

Announcer – Sticky Message Banner & Notification Bar Alternatives

My Sticky Bar – Floating Notification Bar & Sticky Header (formerly myStickymenu)

mystickymenu

Create a welcome notification bar for your website. Also, My Sticky Bar plugin can make your menu or header sticky to the top when scrolled 📌

100K 6 CVEs

Top Bar

top-bar

Simply the easiest way to add a topbar to your website. Create a notification bar in no-time and show a message and a button to your visitors.

20K 3 CVEs

Easy Notification Bar

easy-notification-bar

100

A simple plugin for displaying a notice at the top of your website that can be closed by the visitor. Completely free and minimal without any upsells.

9K No CVEs

Notibar – Notification Bar for WordPress

notibar

Customizer for sticky header, notification bar, alert, promo code, marketing campaign, top banner

8K 3 CVEs

Notification Bar, Announcement and Cookie Notice WordPress Plugin – FooBar

foobar-notifications-lite

100

Create unlimited notifications, announcements, or notices for your visitors

3K No CVEs

Developer Profile

Announcer – Sticky Message Banner & Notification Bar Developer Profile

vaakash

6 plugins · 133K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

157 days

View full developer profile

Detection Fingerprints

How We Detect Announcer – Sticky Message Banner & Notification Bar

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/announcer/admin/css/admin.css/wp-content/plugins/announcer/admin/js/admin.js/wp-content/plugins/announcer/assets/css/announcer.css/wp-content/plugins/announcer/assets/js/announcer.js/wp-content/plugins/announcer/assets/js/jquery.cookie.min.js/wp-content/plugins/announcer/assets/js/owl.carousel.min.js/wp-content/plugins/announcer/assets/css/owl.carousel.min.css/wp-content/plugins/announcer/assets/css/owl.theme.default.min.css

Script Paths

/wp-content/plugins/announcer/admin/js/admin.js/wp-content/plugins/announcer/assets/js/announcer.js/wp-content/plugins/announcer/assets/js/jquery.cookie.min.js/wp-content/plugins/announcer/assets/js/owl.carousel.min.js

Version Parameters

announcer/admin/css/admin.css?ver=announcer/admin/js/admin.js?ver=announcer/assets/css/announcer.css?ver=announcer/assets/js/announcer.js?ver=announcer/assets/js/jquery.cookie.min.js?ver=announcer/assets/js/owl.carousel.min.js?ver=announcer/assets/css/owl.carousel.min.css?ver=announcer/assets/css/owl.theme.default.min.css?ver=

HTML / DOM Fingerprints

CSS Classes

announcer-wrapannouncer-innerancr-notice-barancr-notice-bar-messageancr-notice-bar-closeancr-notice-bar-close-iconancr-notice-bar-contentannouncer-slide-in-wrap+67 more

Data Attributes

data-ancr-iddata-ancr-delaydata-ancr-durationdata-ancr-positiondata-ancr-animationdata-ancr-closable+5 more

JS Globals

announcer_script_vars

FAQ