WP-Safety

F12 Floating Menu, sticky menu for WordPress Security & Risk Analysis

wordpress.org/plugins/f12-floating-menu

Easily add unlimited floating/sticky menus to your Website. The F12 Floating Menu comes with an easy-to-use interface, allowing you to have the full c …

400 active installs v1.3.4 PHP + WP + Updated Jul 6, 2024
custom-menucustom-navigation-menucustom-side-menufloating-menufloating-navigation-menu
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is F12 Floating Menu, sticky menu for WordPress Safe to Use in 2026?

Generally Safe

Score 92/100

F12 Floating Menu, sticky menu for WordPress has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The "f12-floating-menu" plugin version 1.3.4 exhibits a generally strong security posture based on the static analysis and vulnerability history. The absence of critical or high-severity taint flows and a clean vulnerability history are significant strengths. The plugin also demonstrates good practices by implementing nonce and capability checks for its identified AJAX entry points, and it does not perform file operations or external HTTP requests, minimizing common attack vectors.

However, there are areas for improvement. The plugin utilizes raw SQL queries without prepared statements, which presents a risk of SQL injection vulnerabilities, especially if the data used in these queries originates from user input. While the output escaping rate is high, the presence of "improperly escaped" outputs, even if not explicitly detailed in severity, could still lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is involved.

In conclusion, the plugin is reasonably secure, with its primary weaknesses stemming from the lack of prepared statements for SQL queries and the potential for XSS through improperly escaped output. The absence of past vulnerabilities is a positive sign, but the identified code signals warrant attention to prevent future security incidents.

Key Concerns

  • Raw SQL queries without prepared statements
  • Improperly escaped outputs detected
Vulnerabilities
None known

F12 Floating Menu, sticky menu for WordPress Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

F12 Floating Menu, sticky menu for WordPress Code Analysis

Dangerous Functions
0
Raw SQL Queries
2
0 prepared
Unescaped Output
31
69 escaped
Nonce Checks
6
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

0% prepared2 total queries

Output Escaping

69% escaped100 total outputs
Attack Surface

F12 Floating Menu, sticky menu for WordPress Attack Surface

Entry Points2
Unprotected0

AJAX Handlers 2

authwp_ajax_f12_floating_menu_get_templatecore\Ajax.class.php:25
authwp_ajax_f12_floating_menu_select2_pagescore\Ajax.class.php:26
WordPress Hooks 25
actionadmin_enqueue_scriptscomponent\floatingmenu\Backend.class.php:18
actioncustomize_registercomponent\floatingmenu\Extend_Customizer.class.php:25
actioncustomize_save_aftercomponent\floatingmenu\Extend_Customizer.class.php:26
actionwp_headcomponent\floatingmenu\Frontend.class.php:19
actionwp_enqueue_scriptscomponent\floatingmenu\Frontend.class.php:20
filterf12_floating_menu_get_linkcomponent\floatingmenu\Frontend.class.php:21
actionf12_floating_menu_inline_stylecomponent\floatingmenu\Frontend.class.php:24
actionf12_floating_menu_inline_stylecomponent\floatingmenu\Frontend.class.php:25
actionf12_floating_menu_inline_stylecomponent\floatingmenu\Frontend.class.php:26
actionf12_floating_menu_inline_stylecomponent\floatingmenu\Frontend.class.php:27
filterf12_floating_menu_stylecomponent\floatingmenu\Frontend.class.php:28
filterf12_floating_menu_stylecomponent\floatingmenu\Frontend.class.php:29
filterf12_floating_menu_stylecomponent\floatingmenu\Frontend.class.php:30
filterf12_floating_menu_stylecomponent\floatingmenu\Frontend.class.php:31
actionadd_meta_boxescomponent\floatingmenu\MetaBoxFloatingMenuItems.class.php:21
actionadmin_enqueue_scriptscomponent\floatingmenu\MetaBoxFloatingMenuItems.class.php:22
actionsave_post_floating_menucomponent\floatingmenu\MetaBoxFloatingMenuItems.class.php:23
actionadd_meta_boxescomponent\floatingmenu\MetaBoxFloatingMenuSettings.class.php:24
actionadmin_enqueue_scriptscomponent\floatingmenu\MetaBoxFloatingMenuSettings.class.php:25
actionsave_post_floating_menucomponent\floatingmenu\MetaBoxFloatingMenuSettings.class.php:26
actioninitcomponent\floatingmenu\PostTypeFloatingMenu.class.php:24
actionafter_setup_themecore\ComponentManager.class.php:47
actionwp_footercore\Support.class.php:33
actionadmin_enqueue_scriptscore\UI.class.php:117
actionadmin_menucore\UI.class.php:123
Maintenance & Trust

F12 Floating Menu, sticky menu for WordPress Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5
Last updatedJul 6, 2024
PHP min version
Downloads9K

Community Trust

Rating100/100
Number of ratings4
Active installs400
Alternatives

F12 Floating Menu, sticky menu for WordPress Alternatives

Sticky Menu & Sticky Header

Sticky Menu & Sticky Header

sticky-menu-or-anything-on-scroll

A
100

Sticky Menu or Sticky Header sticks elements at the top of the screen when you scroll, or create a floating sticky menu or fixed widget.

100K 1 CVE
Float menu – awesome floating side menu

Float menu – awesome floating side menu

float-menu

A
97

Easily create floating menus of varying complexity. Use its capabilities to place unique navigation on the site.

30K 4 CVEs
AGCA – Custom Dashboard & Login Page

AGCA – Custom Dashboard & Login Page

ag-custom-admin

A
97

CHANGE: admin menu, login page, admin bar, dashboard widgets, custom colors, custom CSS & JS, logo & images

20K 5 CVEs
Simple Floating Menu

Simple Floating Menu

simple-floating-menu

A
100

Simple Floating Menu add a simple floating button with various layouts and settings.

10K No CVEs
Sticky Buttons – Floating Buttons Builder

Sticky Buttons – Floating Buttons Builder

sticky-buttons

A
98

Increase user engagement by incorporating sticky buttons that highlight relevant information on your website.

10K 3 CVEs
Developer Profile

F12 Floating Menu, sticky menu for WordPress Developer Profile

Forge12 Interactive GmbH

6 plugins · 12K total installs

87
trust score
Avg Security Score
99/100
Avg Patch Time
76 days
View full developer profile
Detection Fingerprints

How We Detect F12 Floating Menu, sticky menu for WordPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/f12-floating-menu/assets/f12_floating_menu_admin.css/wp-content/plugins/f12-floating-menu/assets/f12_floating_menu_social_share.js/wp-content/plugins/f12-floating-menu/assets/f12_floating_menu_icon_box.js/wp-content/plugins/f12-floating-menu/assets/f12_floating_menu_icon_box.css/wp-content/plugins/f12-floating-menu/assets/f12_floating_menu_button.css/wp-content/plugins/f12-floating-menu/assets/f12_floating_menu_select2.css/wp-content/plugins/f12-floating-menu/assets/f12_floating_menu_select2.js/wp-content/plugins/f12-floating-menu/assets/vendor/select2/select2.min.js+5 more
Script Paths
/wp-content/plugins/f12-floating-menu/assets/f12_floating_menu_social_share.js/wp-content/plugins/f12-floating-menu/assets/f12_floating_menu_icon_box.js/wp-content/plugins/f12-floating-menu/assets/f12_floating_menu_select2.js/wp-content/plugins/f12-floating-menu/assets/vendor/select2/select2.min.js/wp-content/plugins/f12-floating-menu/assets/f12_floating_menu_tab_container.js/wp-content/plugins/f12-floating-menu/assets/wp_customize_control_menu.js+1 more

HTML / DOM Fingerprints

CSS Classes
f12-floating-menu-buttonf12-floating-menu-social-share-buttonf12-floating-menu-icon-boxf12-floating-menu-tab-container
Data Attributes
data-f12-floating-menu-id
JS Globals
select2_obj
FAQ

Frequently Asked Questions about F12 Floating Menu, sticky menu for WordPress