MEDIUM
wpbean
CVE published 2026-05-21
CVE-2026-4811
CVE-2026-4811 is a stored cross-site scripting issue in the WPB Floating Menu & Categories for WordPress – Sticky Side Menu with Icons plugin. The flaw affects all versions up to and including 1.0.8 and can let authenticated users with Editor-level access or higher inject script that executes when affected pages are viewed.