Does Sticky Content – Make Any Section Sticky on Scroll have any unpatched vulnerabilities?

No. All known vulnerabilities in Sticky Content – Make Any Section Sticky on Scroll have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Sticky Content – Make Any Section Sticky on Scroll compatible with WordPress 6.9.4?

According to WordPress.org data, Sticky Content – Make Any Section Sticky on Scroll 2.0.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Sticky Content – Make Any Section Sticky on Scroll compatible with PHP 7.1+?

Sticky Content – Make Any Section Sticky on Scroll requires PHP 7.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

What is Sticky Content – Make Any Section Sticky on Scroll's security score?

Sticky Content – Make Any Section Sticky on Scroll has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Sticky Content – Make Any Section Sticky on Scroll Security & Risk Analysis

wordpress.org/plugins/sticky-menu-block

Sticky Content allows website elements to remain fixed while scrolling. It is a simple and customizable Gutenberg block for creating sticky content.

400 active installs v2.0.0 PHP 7.1+ WP 6.5+ Updated Mar 9, 2026

blockstickysticky-contentsticky-itemsticky-menu

A · Safe

CVEs total1

Unpatched0

Last CVEFeb 22, 2025

Download

Safety Verdict

Is Sticky Content – Make Any Section Sticky on Scroll Safe to Use in 2026?

Generally Safe

Score 99/100

Sticky Content – Make Any Section Sticky on Scroll has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Feb 22, 2025Updated 25d ago

Risk Assessment

The "sticky-menu-block" v2.0.0 plugin exhibits a generally good security posture, with strong adherence to secure coding practices. The static analysis shows no dangerous functions, all SQL queries are prepared, and output escaping is nearly perfect. The limited attack surface, with all entry points protected by authentication or capability checks, further contributes to its security. The absence of unsanitized paths in taint analysis is also a positive indicator.

However, a past medium-severity Cross-Site Scripting (XSS) vulnerability, last patched in February 2025, suggests that while current code may be clean, the plugin has historically had security flaws. The presence of the Freemius bundled library could also be a potential concern if not kept up-to-date, although no specific issues are indicated in the provided data. The single external HTTP request, while not inherently risky, warrants attention to ensure it's being handled securely.

In conclusion, the plugin is well-coded and protected against common web vulnerabilities. The primary area of caution stems from its past vulnerability, highlighting the importance of ongoing vigilance and timely updates. The well-implemented code-level protections are commendable.

Key Concerns

Past medium vulnerability: XSS
Bundled library (Freemius)
External HTTP request present

Vulnerabilities

Sticky Content – Make Any Section Sticky on Scroll Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-26881medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Sticky Content <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

Feb 22, 2025 Patched in 1.0.2 (10d)

Code Analysis

Analyzed Mar 16, 2026

Sticky Content – Make Any Section Sticky on Scroll Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

44 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius

Output Escaping

98% escaped45 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

fs_init (freemius-lite\inc\Base\FSActivate.php:68)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Sticky Content – Make Any Section Sticky on Scroll Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 1

authwp_ajax_fs_initfreemius-lite\inc\Base\FSActivate.php:42

Shortcodes 1

[smb] includes\ShortCode.php:7

WordPress Hooks 23

actionadmin_headfreemius-lite\inc\Base\FSActivate.php:29

actionadmin_enqueue_scriptsfreemius-lite\inc\Base\FSActivate.php:30

actionadmin_menufreemius-lite\inc\Base\FSActivate.php:33

actionadmin_footerfreemius-lite\inc\Base\FSActivate.php:38

actionadmin_footerfreemius-lite\inc\Base\FSActivate.php:39

actionadmin_noticesfreemius-lite\inc\Base\FSActivate.php:44

actioninitfreemius-lite\inc\Base\FS_Lite.php:29

actionenqueue_block_assetsincludes\class-smbBlock.php:6

actioninitincludes\class-smbBlock.php:7

actionplugins_loadedincludes\class-smbStickyContent.php:8

actionadmin_menuincludes\ProAdminMenu.php:8

actionadmin_enqueue_scriptsincludes\ProAdminMenu.php:9

actionadmin_enqueue_scriptsincludes\ShortCode.php:8

actioninitincludes\ShortCode.php:9

filtermanage_smb_posts_columnsincludes\ShortCode.php:10

actionmanage_smb_posts_custom_columnincludes\ShortCode.php:11

actionuse_block_editor_for_postincludes\ShortCode.php:12

actionenqueue_block_assetssmb-block.php:6

actioninitsmb-block.php:7

actionenqueue_block_editor_assetssmb-block.php:8

actionwp_enqueue_scriptssmb-block.php:9

filterdefault_titlesmb-block.php:10

filterdefault_contentsmb-block.php:11

Maintenance & Trust

Sticky Content – Make Any Section Sticky on Scroll Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 9, 2026

PHP min version7.1

Downloads7K

Community Trust

Rating60/100

Number of ratings1

Active installs400

Alternatives

Sticky Content – Make Any Section Sticky on Scroll Alternatives

My Sticky Bar – Floating Notification Bar & Sticky Header (formerly myStickymenu)

mystickymenu

Create a welcome notification bar for your website. Also, My Sticky Bar plugin can make your menu or header sticky to the top when scrolled 📌

100K 6 CVEs

Sticky Menu & Sticky Header

sticky-menu-or-anything-on-scroll

100

Sticky Menu or Sticky Header sticks elements at the top of the screen when you scroll, or create a floating sticky menu or fixed widget.

100K 1 CVE

Float menu – awesome floating side menu

float-menu

Easily create floating menus of varying complexity. Use its capabilities to place unique navigation on the site.

30K 4 CVEs

WP Mobile Bottom Menu

mobile-bottom-menu-for-wp

Smooth Navigation for Mobile. Create an Eye-Catching Sticky Bottom Menu with Limitless Customization Options.

10K 1 CVE

Boostify Header Footer Builder for Elementor

boostify-header-footer-builder

Create Header, Footer and Mega menu for your WordPress website using Elementor Page Builder for free.

9K 4 CVEs

Developer Profile

Sticky Content – Make Any Section Sticky on Scroll Developer Profile

colorlibplugins

120 plugins · 738K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

140 days

View full developer profile

Detection Fingerprints

How We Detect Sticky Content – Make Any Section Sticky on Scroll

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/sticky-menu-block/assets/css/style.css/wp-content/plugins/sticky-menu-block/assets/js/main.js

Script Paths

/wp-content/plugins/sticky-menu-block/assets/js/main.js

Version Parameters

/wp-content/plugins/sticky-menu-block/assets/css/style.css?ver=/wp-content/plugins/sticky-menu-block/assets/js/main.js?ver=

HTML / DOM Fingerprints

CSS Classes

smb-sticky-content

Data Attributes

data-smb-settings

JS Globals

smb_data

FAQ