Fuse Social Floating Sidebar Security & Risk Analysis

wordpress.org/plugins/fuse-social-floating-sidebar

This plugin allows you to add social media floating sidebar icons connected with your social media profiles.

10K active installs v5.4.12 PHP + WP 3.0+ Updated Jul 16, 2025
Tags: animated-social-icons, floating-sidebar, social-icons, social-media, social-widget
Score: 99 (A · Safe)
CVEs total: 2
Unpatched: 0
Last CVE: Aug 7, 2024
Safety Verdict

Is Fuse Social Floating Sidebar Safe to Use in 2026?

Generally Safe

Score 99/100

Fuse Social Floating Sidebar has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEs · Last CVE: Aug 7, 2024 · Updated 8mo ago
Risk Assessment

The fuse-social-floating-sidebar plugin exhibits a mixed security posture. While it demonstrates good practices such as using prepared statements for all SQL queries and a high percentage of properly escaped output, several concerning areas exist. The presence of two AJAX handlers without authentication checks significantly increases the attack surface for unauthorized actions. Furthermore, the utilization of the `unserialize` function is a known risk, especially if the input is not strictly controlled, as it can lead to object injection vulnerabilities.

The vulnerability history shows two past medium-severity CVEs, both related to Cross-site Scripting and Missing Authorization. The fact that these are no longer unpatched is positive, but the recurring nature of these vulnerability types suggests potential ongoing weaknesses in input validation and access control. The taint analysis, while not revealing critical or high severity issues, did identify a high number of flows with unsanitized paths, which warrants attention even if no direct exploit was found in this analysis.

Overall, the plugin has strengths in its SQL handling and output escaping. However, the unauthenticated AJAX endpoints, the use of `unserialize`, and the historical vulnerability patterns indicate areas that require immediate attention to improve its security. While no critical or high-severity issues are immediately apparent in the static analysis, the potential for exploitation remains due to these identified weaknesses.

Key Concerns

  • Unprotected AJAX handlers
  • Dangerous function 'unserialize' used
  • Vulnerability history: 2 medium CVEs
  • Taint analysis: High unsanitized paths
  • Bundled library Freemius v1.0 outdated
Vulnerabilities
2

Fuse Social Floating Sidebar Security Vulnerabilities

CVEs by Year

2022: 1 CVE
2024: 1 CVE

Severity Breakdown

Medium: 2

2 total CVEs

CVE-2024-5226 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Fuse Social Floating Sidebar <= 5.4.10 - Authenticated (Author+) Stored Cross-Site Scripting via File Upload

Aug 7, 2024 Patched in 5.4.11 (1d)

Appsero <= 1.2.1 - Missing Authorization

Dec 16, 2022 Patched in 5.4.7 (699d)
Code Analysis
Analyzed Mar 16, 2026

Fuse Social Floating Sidebar Code Analysis

Dangerous Functions: 2
Raw SQL Queries: 0 (6 prepared)
Unescaped Output: 314 (1839 escaped)
Nonce Checks: 19
Capability Checks: 4
File Operations: 30
External Requests: 6
Bundled Libraries: 2

Dangerous Functions Found

  • unserialize: `$fuse_click_data = unserialize( get_option( 'fuse_click_data' ) );` (framework\settings\fuse-config.php:758)
  • unserialize: `$fuse_click_data = unserialize( get_option( 'fuse_click_data' ) );` (inc\fuse_social_sidebar_func.php:30)

Bundled Libraries

  • Select2
  • Freemius 1.0

SQL Query Safety

100% prepared · 6 total queries

Output Escaping

85% escaped · 2153 total outputs
Data Flows
10 unsanitized

Data Flow Analysis

11 flows · 10 with unsanitized paths
save (framework\redux-core\inc\classes\class-redux-ajax-save.php:34)
Attack Surface
3 unprotected

Fuse Social Floating Sidebar Attack Surface

Entry Points: 15
Unprotected: 3

AJAX Handlers 8

auth · wp_ajax_redux_hide_admin_notice · framework\redux-core\inc\classes\class-redux-admin-notices.php:41
auth · wp_ajax_redux_update_google_fonts · framework\redux-core\inc\classes\class-redux-ajax-typography.php:26
auth · wp_ajax_redux_activation · framework\redux-core\inc\classes\class-redux-connection-banner.php:94
auth · wp_ajax_redux_submit_support_data · framework\redux-core\inc\classes\class-redux-health.php:26
auth · wp_ajax_redux_delete_widget_area · framework\redux-core\inc\extensions\widget_areas\class-redux-extension-widget-areas.php:51
auth · wp_ajax_redux_delete_widget_area · inc\extensions\extensions\widget_areas\class.redux_widget_areas.php:68
auth · wp_ajax_fuse_social_update_analytics · inc\fuse_social_sidebar_func.php:45
nopriv · wp_ajax_fuse_social_update_analytics · inc\fuse_social_sidebar_func.php:46

Shortcodes 7

[bloginfo] framework\redux-core\inc\extensions\shortcodes\class-redux-shortcodes.php:69
[redux_bloginfo] framework\redux-core\inc\extensions\shortcodes\class-redux-shortcodes.php:71
[themeinfo] framework\redux-core\inc\extensions\shortcodes\class-redux-shortcodes.php:75
[redux_themeinfo] framework\redux-core\inc\extensions\shortcodes\class-redux-shortcodes.php:77
[date] framework\redux-core\inc\extensions\shortcodes\class-redux-shortcodes.php:81
[redux_date] framework\redux-core\inc\extensions\shortcodes\class-redux-shortcodes.php:83
[social_profiles] framework\redux-core\inc\extensions\social_profiles\social_profiles\inc\class-redux-social-profiles-shortcode.php:43
WordPress Hooks 110
Maintenance & Trust

Fuse Social Floating Sidebar Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Jul 16, 2025
PHP min version
Downloads: 392K

Community Trust

Rating: 92/100
Number of ratings: 58
Active installs: 10K
Developer Profile

Fuse Social Floating Sidebar Developer Profile

Daniyal Ahmed (a11n)

1 plugin · 10K total installs

Trust score: 78
Avg Security Score: 99/100
Avg Patch Time: 350 days
Detection Fingerprints

How We Detect Fuse Social Floating Sidebar

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/fuse-social-floating-sidebar/inc/css/dashicon.css
/wp-content/plugins/fuse-social-floating-sidebar/inc/css/admin.css
/wp-content/plugins/fuse-social-floating-sidebar/inc/js/admin-fuse.js
Script Paths
/wp-content/plugins/fuse-social-floating-sidebar/inc/js/admin-fuse.js
Version Parameters
fuse-social-floating-sidebar/inc/css/dashicon.css?ver=
fuse-social-floating-sidebar/inc/css/admin.css?ver=
fuse-social-floating-sidebar/inc/js/admin-fuse.js?ver=

HTML / DOM Fingerprints

JS Globals
fs_fs