Does Simple Floating Menu have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Simple Floating Menu compatible with WordPress 6.9.4?

According to WordPress.org data, Simple Floating Menu 1.3.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Simple Floating Menu compatible with PHP 7.2+?

Simple Floating Menu requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Simple Floating Menu updated?

Simple Floating Menu was last updated on Dec 7, 2025. Frequent updates are generally a positive security signal.

What is Simple Floating Menu's security score?

Simple Floating Menu has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Simple Floating Menu Security & Risk Analysis

wordpress.org/plugins/simple-floating-menu

Simple Floating Menu add a simple floating button with various layouts and settings.

10K active installs v1.3.2 PHP 7.2+ WP 6.3+ Updated Dec 7, 2025

fixed-menufloating-menumenusticky-button

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Simple Floating Menu Safe to Use in 2026?

Generally Safe

Score 100/100

Simple Floating Menu has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago

Risk Assessment

The 'simple-floating-menu' plugin v1.3.2 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The plugin demonstrates good security practices by not exposing any REST API routes without permission callbacks, not using shortcodes, and implementing prepared statements for all SQL queries. Furthermore, all identified entry points (AJAX handlers) appear to have authentication checks, and there are a respectable number of nonce and capability checks. The absence of critical or high-severity taint flows, coupled with a lack of any known CVEs, further strengthens this positive assessment.

Key Concerns

Potential for unescaped output (10% of 192 outputs)
File operations without explicit context
External HTTP requests without explicit context

Vulnerabilities

None known

Simple Floating Menu Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Simple Floating Menu Release Timeline

v1.3.2Current

v1.3.1

v1.3.0

v1.2.8

v1.2.7

v1.2.6

v1.2.5

v1.2.4

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.1.9

v1.1.8

v1.1.7

v1.1.6

v1.1.5

v1.1.4

v1.1.3

v1.1.2

Code Analysis

Analyzed Mar 16, 2026

Simple Floating Menu Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

173 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

90% escaped192 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

7 flows

sfm_get_google_font_variants (inc\google-fonts-list.php:162)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Simple Floating Menu Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 2

authwp_ajax_sfm_get_google_font_variantsinc\google-fonts-list.php:194

authwp_ajax_sfm_live_previewlive-preview.php:7

WordPress Hooks 10

actionwp_footerfrontend.php:10

actionwp_enqueue_scriptsfrontend.php:13

actiondelete_fonts_folderinc\wptt-webfont-loader.php:128

actionadmin_enqueue_scriptssimple-floating-menu.php:57

actionadmin_menusimple-floating-menu.php:63

actionadmin_footersimple-floating-menu.php:65

actionadmin_initsimple-floating-menu.php:68

actionadmin_initsimple-floating-menu.php:71

actionadmin_initsimple-floating-menu.php:73

actionadmin_noticessimple-floating-menu.php:74

Scheduled Events 1

delete_fonts_folder

Maintenance & Trust

Simple Floating Menu Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 7, 2025

PHP min version7.2

Downloads242K

Community Trust

Rating100/100

Number of ratings38

Active installs10K

Alternatives

Simple Floating Menu Alternatives

Sticky Buttons – Floating Buttons Builder

sticky-buttons

Increase user engagement by incorporating sticky buttons that highlight relevant information on your website.

10K 3 CVEs

Side Menu Lite – Sticky Floating Side Menu

side-menu-lite

Create a sticky vertical sidebar menu that enhances navigation and highlights important links on your website.

7K 5 CVEs

Larbous Floating Menu

larbous-floating-menu

This plugin creates a floating menu set to the left position. Set the options in Settings / Larbous Floating Menu

10 No CVEs

Sticky Menu & Sticky Header

sticky-menu-or-anything-on-scroll

100

Sticky Menu or Sticky Header sticks elements at the top of the screen when you scroll, or create a floating sticky menu or fixed widget.

100K 1 CVE

Float menu – awesome floating side menu

float-menu

Easily create floating menus of varying complexity. Use its capabilities to place unique navigation on the site.

30K 4 CVEs

Developer Profile

Simple Floating Menu Developer Profile

hashthemes

19 plugins · 66K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

91 days

View full developer profile

Detection Fingerprints

How We Detect Simple Floating Menu

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/simple-floating-menu/assets/css/fontawesome-6.3.0.css/wp-content/plugins/simple-floating-menu/assets/css/eleganticons.css/wp-content/plugins/simple-floating-menu/assets/css/icofont.css/wp-content/plugins/simple-floating-menu/assets/css/materialdesignicons.css/wp-content/plugins/simple-floating-menu/assets/css/chosen.css/wp-content/plugins/simple-floating-menu/assets/css/style.css/wp-content/plugins/simple-floating-menu/assets/css/essentialicon.css/wp-content/plugins/simple-floating-menu/assets/css/admin-style.rtl.css+5 more

Script Paths

/wp-content/plugins/simple-floating-menu/assets/js/chosen.jquery.js/wp-content/plugins/simple-floating-menu/assets/js/webfont.js/wp-content/plugins/simple-floating-menu/assets/js/wp-color-picker-alpha.js/wp-content/plugins/simple-floating-menu/assets/js/admin-scripts.js

Version Parameters

simple-floating-menu/assets/css/fontawesome-6.3.0.css?ver=simple-floating-menu/assets/css/eleganticons.css?ver=simple-floating-menu/assets/css/icofont.css?ver=simple-floating-menu/assets/css/materialdesignicons.css?ver=simple-floating-menu/assets/css/chosen.css?ver=simple-floating-menu/assets/css/style.css?ver=simple-floating-menu/assets/css/essentialicon.css?ver=simple-floating-menu/assets/css/admin-style.rtl.css?ver=simple-floating-menu/assets/css/admin-style.css?ver=simple-floating-menu/assets/js/chosen.jquery.js?ver=simple-floating-menu/assets/js/webfont.js?ver=simple-floating-menu/assets/js/wp-color-picker-alpha.js?ver=simple-floating-menu/assets/js/admin-scripts.js?ver=

HTML / DOM Fingerprints

CSS Classes

sfm-rectsfm-circle

Data Attributes

data-sfm-id

JS Globals

sfm_obj

FAQ