[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fEx4_Rpbk4K4Mwi6CHpfIpxV7P4KXP7CPis4lwHjV6VY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":20,"download_link":21,"security_score":22,"vuln_count":23,"unpatched_count":23,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":35,"analysis":36,"fingerprints":82},"buooy-scroll-to-top","Buooy Scroll To Top","1.1.0","Buooy","https:\u002F\u002Fprofiles.wordpress.org\u002Fbuooy\u002F","\u003Cp>Buooy Scroll To Top is a Scroll to Top that actually looks nice. And its incredibly easy to use. Just activate and go!\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Simple\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Nothing! Just activate and go! It will automatically create a nice back to top button that will appear after your user scrolls beyond 200px.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Advanced\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>There are a few ways to use your own image:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Method 1: Create a directory with the EXACT directory name of ‘backtotop’ in your theme root directory and place an image with the EXACT file name of ‘backtotop.png’ or ‘backtotop.jpg’ or ‘backtotop.jpeg’ or ‘backtotop.gif’. If you have multiple image files, the image will load in that order.\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Method 2: Use the filter ‘back-to-top-image’ as follows in your theme’s functions.php:\u003C\u002Fp>\n\u003Cp>if(has_filter(‘back-to-top-image’)){\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter( 'back-to-top-image', 'add_back_to_top_image' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>}\u003C\u002Fp>\n\u003Cp>function add_back_to_top_image(){\u003C\u002Fp>\n\u003Cpre>\u003Ccode>return URL_TO_THE_IMAGE_HERE;\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>}\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n","Buooy Scroll To Top is a Scroll to Top that actually looks nice. And its incredibly easy to use. Just activate and go!",10,1937,100,2,"2014-05-15T09:50:00.000Z","3.9.40","3.8.1","",[],"http:\u002F\u002Fbuooy.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuooy-scroll-to-top.1.1.0.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":31,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"buooy",3,60,90,30,87,"2026-04-04T23:20:34.454Z",[],{"attackSurface":37,"codeSignals":56,"taintFlows":70,"riskAssessment":71,"analyzedAt":81},{"hooks":38,"ajaxHandlers":52,"restRoutes":53,"shortcodes":54,"cronEvents":55,"entryPointCount":23,"unprotectedCount":23},[39,45,49],{"type":40,"name":41,"callback":42,"file":43,"line":44},"action","wp_head","wp_head_style","buooy-scrolltotop.php",41,{"type":40,"name":46,"callback":47,"file":43,"line":48},"wp_footer","wp_footer_script",42,{"type":40,"name":46,"callback":50,"file":43,"line":51},"wp_footer_element",43,[],[],[],[],{"dangerousFunctions":57,"sqlUsage":58,"outputEscaping":60,"fileOperations":23,"externalRequests":23,"nonceChecks":23,"capabilityChecks":23,"bundledLibraries":69},[],{"prepared":23,"raw":23,"locations":59},[],{"escaped":23,"rawEcho":29,"locations":61},[62,65,67],{"file":43,"line":63,"context":64},67,"raw output",{"file":43,"line":66,"context":64},93,{"file":43,"line":68,"context":64},119,[],[],{"summary":72,"deductions":73},"The \"buooy-scroll-to-top\" v1.1.0 plugin exhibits a generally strong security posture based on the provided static analysis.  The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface, and the reported zero unprotected entry points is a positive indicator.  Furthermore, the fact that all SQL queries utilize prepared statements demonstrates good practice in preventing SQL injection vulnerabilities.  The lack of dangerous function calls, file operations, external HTTP requests, and the absence of critical or high-severity taint flows further contribute to a low-risk profile.\n\nHowever, a significant concern arises from the complete lack of output escaping. With 3 total outputs identified and 0% properly escaped, this presents a clear risk of Cross-Site Scripting (XSS) vulnerabilities.  Any data processed by the plugin and then displayed to users could potentially be manipulated to inject malicious scripts.  The absence of nonce checks and capability checks, while less critical given the limited attack surface, could become a concern if the plugin were to introduce new interactive elements or endpoints in the future. The clean vulnerability history is a positive sign, suggesting a history of secure development, but it does not mitigate the immediate XSS risk identified in the code.",[74,77,79],{"reason":75,"points":76},"Unescaped output detected",8,{"reason":78,"points":14},"Missing nonce checks",{"reason":80,"points":14},"Missing capability checks","2026-03-16T23:53:00.091Z",{"wat":83,"direct":89},{"assetPaths":84,"generatorPatterns":86,"scriptPaths":87,"versionParams":88},[85],"\u002Fwp-content\u002Fplugins\u002Fbuooy-scroll-to-top\u002Fbacktotop.png",[],[],[],{"cssClasses":90,"htmlComments":93,"htmlAttributes":94,"restEndpoints":95,"jsGlobals":96,"shortcodeOutput":97},[91,92],"stt_container","stt_image",[],[],[],[],[]]