[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fyjqVbIqPyl6i7Iv7NF_pn16CBm1m-5mS6S1w0DIWphs":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":49,"crawl_stats":38,"alternatives":56,"analysis":146,"fingerprints":210},"sticky-side-buttons","Sticky Side Buttons","2.0.3","Maeve Lander","https:\u002F\u002Fprofiles.wordpress.org\u002Fenigmaweb\u002F","\u003Cp>This simple button creator lets you create one or more floating buttons that stick to the side of your site as the user scrolls.\u003C\u002Fp>\n\u003Ch4>Use it for sticking information like:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Phone number\u003C\u002Fli>\n\u003Cli>Email address\u003C\u002Fli>\n\u003Cli>Social icons\u003C\u002Fli>\n\u003Cli>Store locations\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Configuration options include:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Button position > left or right\u003C\u002Fli>\n\u003Cli>Rollover style > darken or lighten\u003C\u002Fli>\n\u003Cli>Animation style > none, slide or icons only\u003C\u002Fli>\n\u003Cli>Disable on mobile (optional)\u003C\u002Fli>\n\u003Cli>Customise button icons, text, link, and colors easily\u003C\u002Fli>\n\u003Cli>Show on: Front Page, Pages, Posts, Custom Post Types (checkboxes)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Demo\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fdemo.enigmaweb.com.au\u002F\" rel=\"nofollow ugc\">Click here\u003C\u002Fa> for out-of-the-box demo. You can see the buttons to the right of the screen, in ‘slide’ mode.\u003C\u002Fli>\n\u003C\u002Ful>\n","Flexible button creator allowing you to stick floating buttons to the side of your site.",10000,267847,88,41,"2025-07-02T03:16:00.000Z","6.7.5","5.0","7.4",[20,21,22,23,24],"buttons","contact","side","social-buttons","sticky","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsticky-side-buttons\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsticky-side-buttons.2.0.3.zip",99,1,0,"2025-08-13 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2023-3666","sticky-side-buttons-authenticated-administrator-stored-cross-site-scripting","Sticky Side Buttons \u003C 2.0.0 - Authenticated (Administrator+) Stored Cross-Site Scripting","The Sticky Side Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to 2.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only impacts multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C2.0.0","2.0.0","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-09-10 20:51:43",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9ad2acce-1285-46e6-9bb0-64f215698373?source=api-prod",29,{"slug":50,"display_name":7,"profile_url":8,"plugin_count":51,"total_installs":52,"avg_security_score":53,"avg_patch_time_days":48,"trust_score":54,"computed_at":55},"enigmaweb",6,11270,84,83,"2026-04-04T05:56:08.367Z",[57,78,99,117,131],{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":29,"downloaded":65,"rating":29,"num_ratings":29,"last_updated":66,"tested_up_to":67,"requires_at_least":17,"requires_php":68,"tags":69,"homepage":75,"download_link":76,"security_score":77,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"livechapter-sticky-side-cta","LiveChapter Sticky Side CTA","1.0.0","Live Chapter","https:\u002F\u002Fprofiles.wordpress.org\u002Flivechapter\u002F","\u003Cp>LiveChapter Sticky LiveChapter Sticky Side CTA allows you to add eye-catching, customizable sticky buttons to the side of your website. Perfect for increasing conversions, engagement, and making it easy for visitors to contact you or follow your social media.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Visual Icon Picker – Choose from 70+ popular icons (no coding required)\u003C\u002Fli>\n\u003Cli>3 Customizable Buttons – Add up to 3 independent side tab buttons\u003C\u002Fli>\n\u003Cli>Individual Dimensions – Set unique width and height for each button\u003C\u002Fli>\n\u003Cli>Color Customization – Background, hover, and text colors\u003C\u002Fli>\n\u003Cli>Smart Text Display – Vertical text, tooltip on hover, or both\u003C\u002Fli>\n\u003Cli>Mobile Control – Hide specific buttons on mobile devices\u003C\u002Fli>\n\u003Cli>Font Size Control – Separate desktop and mobile font sizes\u003C\u002Fli>\n\u003Cli>Page Exclusion – Hide buttons on specific pages or URL patterns\u003C\u002Fli>\n\u003Cli>Position Control – Place buttons on left or right side\u003C\u002Fli>\n\u003Cli>Responsive Design – Auto-adjusts for all screen sizes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Visual Icon Library\u003C\u002Fh4>\n\u003Cp>Browse 70+ icons in 9 categories: Communication, Social Media, Actions, Business, Location, Shopping, User Account, Media, and Interface.\u003C\u002Fp>\n\u003Ch4>Use Cases\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Contact buttons (phone, email, chat)\u003C\u002Fli>\n\u003Cli>Social media links\u003C\u002Fli>\n\u003Cli>Lead generation (“Get Quote”, “Apply Now”)\u003C\u002Fli>\n\u003Cli>E-commerce (cart, wishlist)\u003C\u002Fli>\n\u003Cli>Support and help\u003C\u002Fli>\n\u003Cli>Appointments booking\u003C\u002Fli>\n\u003Cli>Downloads\u003C\u002Fli>\n\u003Cli>Quick navigation\u003C\u002Fli>\n\u003C\u002Ful>\n","Create stunning sticky side tab buttons with call-to-action features by LiveChapter. Perfect for contact, social media, and conversion buttons.",123,"2025-11-23T15:07:00.000Z","6.8.5","7.0",[70,71,72,73,74],"call-to-action","contact-button","floating-button","side-tab","sticky-buttons","https:\u002F\u002Flivechapter.com\u002Fplugins\u002Flivechapter-sticky-side-cta\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flivechapter-sticky-side-cta.1.0.0.zip",100,{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":77,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":92,"tags":93,"homepage":92,"download_link":97,"security_score":98,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"sticky-button","Sticky Floating Button (Book Now, Contact, Call To Action…)","1.0","digimaxme","https:\u002F\u002Fprofiles.wordpress.org\u002Fdigimaxme\u002F","\u003Cp>The following demos, will give you an idea about some of the different buttons positions that you can create with our plugin:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fstickybutton.tk\u002F\" rel=\"noopener noreferrer nofollow ugc\">Demo 1\u003C\u002Fa> (Full Width)\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fstickybutton.tk\u002Fabout\u002F\" rel=\"noopener noreferrer nofollow ugc\">Demo 2\u003C\u002Fa> (Bottom Centered)\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fstickybutton.tk\u002Fservices\u002F\" rel=\"noopener noreferrer nofollow ugc\">Demo 3\u003C\u002Fa> (Extreme Left)\u003C\u002Fp>\n\u003Cp>The button can be centered at the bottom of the page or placed on the left\u002Fright sides.\u003Cbr \u002F>\nDisplay the button on the entire website or on specific pages.\u003Cbr \u002F>\nPossibility to choose on which device you would like to show the button (desktops and\u002For mobiles).\u003Cbr \u002F>\nTransform the button into any Call-To-Action you desire by adding your custom\u002Flink (Book Now, Contact Us, Call Now…)\u003C\u002Fp>\n","The button can be centered at the bottom of the page or placed on the left\u002Fright sides. Display the button on the entire website or on specific pages.",900,8317,3,"2022-04-14T11:33:00.000Z","5.9.13","3.5","",[94,95,71,96,79],"book-now-button","call-to-action-button","fixed-buttons","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsticky-button.1.0.zip",85,{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":77,"num_ratings":109,"last_updated":110,"tested_up_to":111,"requires_at_least":17,"requires_php":68,"tags":112,"homepage":115,"download_link":116,"security_score":77,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"sticky-mobile-buttons","Sticky Mobile Buttons","4.0.6","webnbpro","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebnbpro\u002F","\u003Cp>\u003Cstrong>Boost Your Mobile Conversions with Floating Action Buttons!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Sticky Mobile Buttons transforms your mobile visitors into customers by adding eye-catching floating buttons that stay visible while scrolling. Perfect for mobile-optimized websites!\u003C\u002Fp>\n\u003Ch4>Why Choose Sticky Mobile Buttons?\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Increase Conversions\u003C\u002Fstrong> – Make important actions always accessible\u003Cbr \u002F>\n\u003Cstrong>Mobile-First Design\u003C\u002Fstrong> – Automatically shows only on mobile devices\u003Cbr \u002F>\n\u003Cstrong>Fully Customizable\u003C\u002Fstrong> – Match your brand colors and style\u003Cbr \u002F>\n\u003Cstrong>Lightweight & Fast\u003C\u002Fstrong> – Won’t slow down your website\u003C\u002Fp>\n\u003Ch4>Perfect For:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Contact buttons (Phone, WhatsApp, Telegram)\u003C\u002Fli>\n\u003Cli>Quick cart access for WooCommerce\u003C\u002Fli>\n\u003Cli>Link to important pages\u003C\u002Fli>\n\u003Cli>Special promotions or calls-to-action\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Up to 7 customizable buttons\u003C\u002Fli>\n\u003Cli>Multiple button types: Phone, Telegram, WhatsApp, Cart, and custom links\u003C\u002Fli>\n\u003Cli>Visual icon selector with Font Awesome icons\u003C\u002Fli>\n\u003Cli>Custom icon upload support\u003C\u002Fli>\n\u003Cli>Color customization for each icon\u003C\u002Fli>\n\u003Cli>Show\u002Fhide text labels\u003C\u002Fli>\n\u003Cli>Responsive design – only shows on mobile devices\u003C\u002Fli>\n\u003Cli>Smooth animation effects\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This program is free software; you can redistribute it and\u002For modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.\u003C\u002Fp>\n","Adds customizable sticky buttons on mobile for quick contact and cart access. Boost Your Mobile Conversions with Floating Action Buttons!",30,444,5,"2025-12-03T15:20:00.000Z","6.9.4",[20,21,113,114,24],"floating","mobile","https:\u002F\u002Fwebnbpro.com\u002Fsticky-mobile-buttons","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsticky-mobile-buttons.4.0.6.zip",{"slug":118,"name":119,"version":60,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":29,"downloaded":124,"rating":29,"num_ratings":29,"last_updated":125,"tested_up_to":111,"requires_at_least":126,"requires_php":18,"tags":127,"homepage":92,"download_link":130,"security_score":77,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"hansandfriends-sticky-contact-sidebar","HansAndFriends Sticky Contact Sidebar","Hans & Friends","https:\u002F\u002Fprofiles.wordpress.org\u002Fhansandfriends\u002F","\u003Cp>HansAndFriends Sticky Contact Sidebar adds a compact, configurable contact sidebar to your website.\u003C\u002Fp>\n\u003Cp>Main features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Editable contact content in WordPress admin\u003C\u002Fli>\n\u003Cli>Separate label\u002Ftext\u002Flink fields for phone, email, and contact form\u003C\u002Fli>\n\u003Cli>Address field with optional automatic Google Maps link generation\u003C\u002Fli>\n\u003Cli>Per-item visibility toggles for phone, email, address, and contact form\u003C\u002Fli>\n\u003Cli>Optional social block with auto-detected network icons from entered profile links\u003C\u002Fli>\n\u003Cli>Three configurable colors (accent, label, text\u002Fvalue)\u003C\u002Fli>\n\u003Cli>Font source switch: theme stack, Google Fonts locally (recommended), or Google Fonts CDN\u003C\u002Fli>\n\u003Cli>Google Fonts catalog scoped to families with Latin support, with additional filtering of script-specific non-western families\u003C\u002Fli>\n\u003Cli>Global font-weight controls for labels and text (2 selects, based on selected family)\u003C\u002Fli>\n\u003Cli>Search-based Google Font picker (no large dropdown)\u003C\u002Fli>\n\u003Cli>One-click local Google Font installation from plugin settings\u003C\u002Fli>\n\u003Cli>Optional mobile disable with custom breakpoint\u003C\u002Fli>\n\u003Cli>Optional “show peek only after scroll” mode\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The sidebar behavior remains simple:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Default state: visible in peek mode\u003C\u002Fli>\n\u003Cli>On hover\u002Ffocus: expands fully\u003C\u002Fli>\n\u003Cli>Optional mode: starts hidden and shows peek only after scroll activity\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin can connect to Google services in typography features, depending on selected mode.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Google Fonts CSS API\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>* Service URL: \u003Ccode>https:\u002F\u002Ffonts.googleapis.com\u002Fcss2\u003C\u002Fcode>\u003Cbr \u002F>\n* Used when:\u003Cbr \u002F>\n  * Frontend renders the sidebar in \u003Cstrong>Use Google Fonts CDN\u003C\u002Fstrong> mode\u003Cbr \u002F>\n  * Admin runs \u003Cstrong>Install locally & activate\u003C\u002Fstrong> for a selected font\u003Cbr \u002F>\n* Data sent: Requested font family and IP address (standard HTTP request metadata)\u003Cbr \u002F>\n* Why: Load Google Fonts CSS for CDN delivery or local installation workflow\u003Cbr \u002F>\n* Terms of Service: https:\u002F\u002Fpolicies.google.com\u002Fterms\u003Cbr \u002F>\n* Privacy Policy: https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fp>\n\u003Col>\n\u003Cli>Google Fonts metadata endpoint\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>* Service URL: \u003Ccode>https:\u002F\u002Ffonts.google.com\u002Fmetadata\u002Ffonts\u003C\u002Fcode>\u003Cbr \u002F>\n* Used when: Admin opens plugin settings while \u003Cstrong>Use Google Fonts CDN\u003C\u002Fstrong> or \u003Cstrong>Use Google Fonts locally\u003C\u002Fstrong> is enabled\u003Cbr \u002F>\n* Data sent: Your server IP and standard HTTP request metadata\u003Cbr \u002F>\n* Why: Automatically refresh the selectable Google Fonts catalog\u003Cbr \u002F>\n* Terms of Service: https:\u002F\u002Fpolicies.google.com\u002Fterms\u003Cbr \u002F>\n* Privacy Policy: https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fp>\n\u003Col>\n\u003Cli>Google static font file host\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>* Service URL: \u003Ccode>https:\u002F\u002Ffonts.gstatic.com\u002F\u003C\u002Fcode>\u003Cbr \u002F>\n* Used when: Admin runs \u003Cstrong>Install locally & activate\u003C\u002Fstrong>\u003Cbr \u002F>\n* Data sent: Your server IP and standard HTTP request metadata\u003Cbr \u002F>\n* Why: Download selected font files for local hosting\u003Cbr \u002F>\n* Terms of Service: https:\u002F\u002Fpolicies.google.com\u002Fterms\u003Cbr \u002F>\n* Privacy Policy: https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fp>\n\u003Ch3>Third-party trademarks\u003C\u002Fh3>\n\u003Cp>Social network names and logos are trademarks of their respective owners.\u003Cbr \u002F>\nThis plugin displays social icons based on user-entered profile links and does not imply endorsement by those brands.\u003C\u002Fp>\n","Adds a configurable sticky contact sidebar with editable links, maps, colors, and Google Fonts support.",226,"2026-03-02T09:47:00.000Z","6.0",[21,128,129,24],"quick-contact","sidebar","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhansandfriends-sticky-contact-sidebar.1.0.0.zip",{"slug":132,"name":133,"version":60,"author":134,"author_profile":135,"description":136,"short_description":137,"active_installs":29,"downloaded":138,"rating":29,"num_ratings":29,"last_updated":139,"tested_up_to":111,"requires_at_least":17,"requires_php":68,"tags":140,"homepage":92,"download_link":145,"security_score":77,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"sticklyui","SticklyUI","arunkunwar","https:\u002F\u002Fprofiles.wordpress.org\u002Farunkunwar\u002F","\u003Cp>SticklyUI is a lightweight and powerful WordPress plugin designed to enhance your website’s user experience and conversion rates. It offers three core functionalities in one easy-to-use package:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Sticky Header\u003C\u002Fstrong> – Make your existing theme’s header sticky with customizable styling\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Floating Action Buttons\u003C\u002Fstrong> – Add unlimited floating buttons for social media, quick links, or services\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Contact Button & Popup\u003C\u002Fstrong> – A specialized floating contact button with a built-in AJAX form\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Ch4>Sticky Header\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Works with your \u003Cem>existing\u003C\u002Fem> theme header\u003C\u002Fli>\n\u003Cli>Automatic header selector detection\u003C\u002Fli>\n\u003Cli>Option to use custom CSS selector\u003C\u002Fli>\n\u003Cli>Customizable background and text colors for sticky state\u003C\u002Fli>\n\u003Cli>Adjustable offset to prevent content overlap\u003C\u002Fli>\n\u003Cli>Mobile-friendly design\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Floating Buttons\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Create as many floating buttons as needed\u003C\u002Fli>\n\u003Cli>Custom SVG icon support for all buttons\u003C\u002Fli>\n\u003Cli>Position in any corner (Bottom Right, Bottom Left, Top Right, Top Left)\u003C\u002Fli>\n\u003Cli>Multiple buttons in the same position automatically group into an expanding menu\u003C\u002Fli>\n\u003Cli>Set background and hover colors per button\u003C\u002Fli>\n\u003Cli>Add helpful tooltips to each button\u003C\u002Fli>\n\u003Cli>Open links in new tab or same tab\u003C\u002Fli>\n\u003Cli>Schedule buttons to appear at specific times\u003C\u002Fli>\n\u003Cli>Easily reorder buttons with drag and drop\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contact Form\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Dedicated floating contact button\u003C\u002Fli>\n\u003Cli>Clean, responsive modal contact form\u003C\u002Fli>\n\u003Cli>Fields: Name, Email, Phone, Message\u003C\u002Fli>\n\u003Cli>AJAX Submission (No page reloads required)\u003C\u002Fli>\n\u003Cli>Custom button icon, color, and tooltip\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Admin Interface\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>Clean, intuitive dashboard using WordPress standards\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Toggle between grid and list views for managing buttons\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>Live Preview to see button styles before saving\u003C\u002Fli>\n\u003C\u002Ful>\n","Create customizable floating service buttons, a sticky header, and a dedicated contact button with a popup form for your WordPress site.",102,"2026-01-14T08:00:00.000Z",[71,141,142,143,144],"floating-buttons","social-media","sticky-header","sticky-menu","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsticklyui.1.0.0.zip",{"attackSurface":147,"codeSignals":191,"taintFlows":200,"riskAssessment":201,"analyzedAt":209},{"hooks":148,"ajaxHandlers":187,"restRoutes":188,"shortcodes":189,"cronEvents":190,"entryPointCount":29,"unprotectedCount":29},[149,155,158,162,166,170,174,178,182],{"type":150,"name":151,"callback":152,"file":153,"line":154},"action","init","ssb_icons_migration","ssb-main.php",50,{"type":150,"name":151,"callback":156,"file":153,"line":157},"ssb_textdomain",53,{"type":150,"name":159,"callback":160,"file":153,"line":161},"admin_init","ssb_register_settings",56,{"type":150,"name":163,"callback":164,"file":153,"line":165},"admin_menu","ssb_admin_menu",59,{"type":150,"name":167,"callback":168,"file":153,"line":169},"admin_enqueue_scripts","ssb_admin_assets",62,{"type":150,"name":171,"callback":172,"file":153,"line":173},"admin_notices","ssb_admin_notices",65,{"type":150,"name":175,"callback":176,"file":153,"line":177},"wp_enqueue_scripts","ssb_ui_assets",68,{"type":150,"name":179,"callback":180,"file":153,"line":181},"wp_footer","icons",69,{"type":150,"name":183,"callback":184,"file":185,"line":186},"plugins_loaded","ssb_init","sticky-side-buttons.php",74,[],[],[],[],{"dangerousFunctions":192,"sqlUsage":193,"outputEscaping":195,"fileOperations":29,"externalRequests":29,"nonceChecks":29,"capabilityChecks":198,"bundledLibraries":199},[],{"prepared":29,"raw":29,"locations":194},[],{"escaped":196,"rawEcho":29,"locations":197},97,[],2,[],[],{"summary":202,"deductions":203},"The static analysis of sticky-side-buttons v2.0.3 reveals a generally strong security posture with excellent adherence to several best practices. The absence of any detected dangerous functions, file operations, or external HTTP requests is highly positive.  Furthermore, all SQL queries are properly prepared, and all detected outputs are correctly escaped, significantly mitigating common vulnerabilities like SQL injection and Cross-Site Scripting (XSS) originating from within the analyzed code paths. The limited attack surface with zero entry points that lack authentication checks is also a commendable aspect. However, the presence of two capability checks without any identified nonce checks or explicit authentication controls on potential entry points (even though there are none reported) warrants careful consideration.  This suggests that while the code might be clean, the framework around it might rely on other security mechanisms for protection, which could be a point of weakness if those mechanisms are misconfigured or bypassed.\n\nThe vulnerability history shows a past medium severity vulnerability, specifically an XSS issue, which was patched. The fact that there are no currently unpatched CVEs is reassuring. However, the past occurrence of XSS, even if medium and patched, indicates that the plugin is not entirely immune to such issues, and ongoing vigilance is necessary. The complete absence of taint analysis findings is positive, suggesting no unsanitized paths were identified in the flows that were analyzed. Overall, the plugin demonstrates good coding hygiene in its current version, but the historical vulnerability and the presence of capability checks without clear nonce implementation on potential (though currently non-existent) entry points suggest a minor area for review, especially concerning the overall defense-in-depth strategy.",[204,207],{"reason":205,"points":206},"Past medium severity XSS vulnerability",7,{"reason":208,"points":109},"Capability checks present, but no nonce checks indicated","2026-03-16T17:39:24.515Z",{"wat":211,"direct":228},{"assetPaths":212,"generatorPatterns":219,"scriptPaths":220,"versionParams":221},[213,214,215,216,217,218],"\u002Fwp-content\u002Fplugins\u002Fsticky-side-buttons\u002Fassets\u002Fcss\u002Fssb-admin-style.css","\u002Fwp-content\u002Fplugins\u002Fsticky-side-buttons\u002Fassets\u002Fcss\u002Ffontawesome-iconpicker.css","\u002Fwp-content\u002Fplugins\u002Fsticky-side-buttons\u002Fassets\u002Fjs\u002Ffontawesome-iconpicker.js","\u002Fwp-content\u002Fplugins\u002Fsticky-side-buttons\u002Fassets\u002Fjs\u002Fssb-admin-js.js","\u002Fwp-content\u002Fplugins\u002Fsticky-side-buttons\u002Fassets\u002Fcss\u002Fssb-ui-style.css","\u002Fwp-content\u002Fplugins\u002Fsticky-side-buttons\u002Fassets\u002Fjs\u002Fssb-ui-js.js",[],[],[222,223,224,225,226,227],"\u002Fwp-content\u002Fplugins\u002Fsticky-side-buttons\u002Fassets\u002Fcss\u002Fssb-admin-style.css?ver=","\u002Fwp-content\u002Fplugins\u002Fsticky-side-buttons\u002Fassets\u002Fcss\u002Ffontawesome-iconpicker.css?ver=","\u002Fwp-content\u002Fplugins\u002Fsticky-side-buttons\u002Fassets\u002Fjs\u002Ffontawesome-iconpicker.js?ver=","\u002Fwp-content\u002Fplugins\u002Fsticky-side-buttons\u002Fassets\u002Fjs\u002Fssb-admin-js.js?ver=","\u002Fwp-content\u002Fplugins\u002Fsticky-side-buttons\u002Fassets\u002Fcss\u002Fssb-ui-style.css?ver=","\u002Fwp-content\u002Fplugins\u002Fsticky-side-buttons\u002Fassets\u002Fjs\u002Fssb-ui-js.js?ver=",{"cssClasses":229,"htmlComments":231,"htmlAttributes":233,"restEndpoints":236,"jsGlobals":237,"shortcodeOutput":239},[230],"ssb-icon-button",[232],"\u003C!-- Sticky Side Buttons -->",[234,235],"data-ssb-id","data-ssb-config",[],[238],"ssb_ui_data",[]]