
Sticky Block for Gutenberg Editor Security & Risk Analysis
wordpress.org/plugins/sticky-block
The Gutenberg Sticky Block will stick at the top of the page once you scroll down.
Is Sticky Block for Gutenberg Editor Safe to Use in 2026?
Generally Safe
Score 100/100
Sticky Block for Gutenberg Editor has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'sticky-block' plugin v1.11.1 presents a strong security posture based on the provided static analysis and vulnerability history. The code analysis shows no evidence of dangerous functions, raw SQL queries, unescaped output, file operations, external HTTP requests, or any identified taint flows, indicating good coding practices in these critical areas. Furthermore, the absence of any recorded CVEs, both historical and current, is a significant positive indicator of the plugin's security track record.
While the static analysis highlights a lack of identified vulnerabilities in the examined code, it's important to note the complete absence of capability checks and nonce checks. Although the attack surface appears to be zero in terms of AJAX handlers, REST API routes, shortcodes, and cron events, this lack of explicit checks could represent a potential blind spot if new entry points are introduced in future versions or if the plugin relies on other mechanisms for authorization that are not captured in this analysis.
In conclusion, 'sticky-block' v1.11.1 exhibits a very low risk profile due to its clean code analysis and spotless vulnerability history. The primary area for caution is the reported zero nonce and capability checks, which, while not posing an immediate threat given the current zero attack surface, represent a departure from best practices for securing WordPress components and could become a concern if the plugin's functionality expands.
Key Concerns
- Missing capability checks
- Missing nonce checks
Sticky Block for Gutenberg Editor Security Vulnerabilities
Sticky Block for Gutenberg Editor Code Analysis
Sticky Block for Gutenberg Editor Attack Surface
WordPress Hooks 2
Sticky Block for Gutenberg Editor Maintenance & Trust
Maintenance Signals
Community Trust
Sticky Block for Gutenberg Editor Alternatives
Aploblocks – Styling and Patterns for the block editor
aploblocks
Aploblocks adds extra design features to the core wordpress blocks. It is designed for block themes and helps you achieve incredible designs with ver …
A Sticky Note
a-sticky-note
A Gutenberg block to add sticky notes to your blog posts.
Classic Editor
classic-editor
Enables the previous "classic" editor and the old-style Edit Post screen with TinyMCE, Meta Boxes, etc. Supports all plugins that extend this screen.
Starter Templates – AI-Powered Templates for Elementor & Gutenberg
astra-sites
The growing library of 300+ ready-to-use templates that work with all WordPress themes including Astra, Hello, OceanWP, GeneratePress and more
Classic Widgets
classic-widgets
Enables the previous "classic" widgets settings screens in Appearance - Widgets and the Customizer. Disables the block editor from managing widgets.
Sticky Block for Gutenberg Editor Developer Profile
7 plugins · 9K total installs
How We Detect Sticky Block for Gutenberg Editor
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
- /wp-content/plugins/sticky-block/dist/blocks.build.js
- /wp-content/plugins/sticky-block/dist/blocks.style.build.css
- /wp-content/plugins/sticky-block/dist/blocks.editor.build.css
- /wp-content/plugins/sticky-block/dist/sticky-block.min.js
- sticky-block/dist/blocks.build.js?ver=1.11.1
- sticky-block/dist/blocks.style.build.css?ver=1.11.1
- sticky-block/dist/blocks.editor.build.css?ver=1.11.1
- sticky-block/dist/sticky-block.min.js?ver=1.0
HTML / DOM Fingerprints
cgbGlobal