Description

WordPress Plugin Sidekick is prone to multiple unspecified vulnerabilities. No available information exists regarding these issues and their impact on a vulnerable website. WordPress Plugin Sidekick version 2.2.1 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 2.2.2 or latest

References

https://wordpress.org/plugins/sidekick/changelog/

Related Vulnerabilities

WordPress Plugin Advanced Text Widget 'page' Parameter Cross-Site Scripting (2.0.0)

Drupal Core 8.5.0 Remote Code Execution (8.5.0)

SharePoint Untrusted Pointer Dereference Vulnerability (CVE-2025-27747)

WordPress Plugin Deeper Comments Security Bypass (2.1.1)

WordPress Plugin Quick Event Manager Cross-Site Scripting (9.6.4)

Severity

High

Tags

Missing Update