WP-Safety

Dropdown and scrollable Text Security & Risk Analysis

wordpress.org/plugins/dropdown-and-scrollable-text

Create shortcode for dropdown text or scrollable text

100 active installs v2.1 PHP 5.4+ WP 3.0.1+ Updated May 21, 2022
dropdown-textscrolling-texttext-box
84
B · Generally Safe
CVEs total2
Unpatched0
Last CVEMay 25, 2022
Plugin page Download
Safety Verdict

Is Dropdown and scrollable Text Safe to Use in 2026?

Mostly Safe

Score 84/100

Dropdown and scrollable Text is generally safe to use though it hasn't been updated recently. 2 past CVEs were resolved. Keep it updated.

2 known CVEsLast CVE: May 25, 2022Updated 3yr ago
Risk Assessment

The 'dropdown-and-scrollable-text' plugin v2.1 exhibits a mixed security posture. While it demonstrates good practices in handling SQL queries with prepared statements and avoids file operations and external HTTP requests, several areas raise concern. The lack of nonce checks and capability checks on its two entry points (shortcodes) is a significant weakness, potentially exposing the plugin to various attacks if user-supplied data is not meticulously sanitized. Furthermore, only 40% of output is properly escaped, indicating a notable risk of Cross-Site Scripting (XSS) vulnerabilities, a pattern consistent with its past vulnerability history. Although there are no currently unpatched CVEs, the history of two medium-severity XSS vulnerabilities in the past suggests a recurring tendency for input validation and output escaping issues. The plugin has a small attack surface with no apparent critical taint flows, but the lack of protective measures on its entry points and the insufficient output escaping are significant red flags.

Key Concerns

  • Missing Nonce Checks on Entry Points
  • Missing Capability Checks on Entry Points
  • Insufficient Output Escaping
  • Past Medium Severity Vulnerabilities (XSS)
Vulnerabilities
2

Dropdown and scrollable Text Security Vulnerabilities

CVEs by Year

1 CVE in 2021
2021
1 CVE in 2022
2022
Patched Has unpatched

Severity Breakdown

Medium
2

2 total CVEs

WF-b8cf9350-d207-49ae-865a-b2e016b41b55-dropdown-and-scrollable-textmedium · 5.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Dropdown and scrollable Text <= 2.0 - Cross-Site Scripting

May 25, 2022 Patched in 2.1 (608d)
CVE-2021-38353medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Dropdown and scrollable Text <= 2.0 Reflected Cross-Site Scripting

Sep 9, 2021 Patched in 2.1 (866d)
Code Analysis
Analyzed Mar 16, 2026

Dropdown and scrollable Text Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
26
17 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

40% escaped43 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
DST_Webodid_admin_Page (index.php:57)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Dropdown and scrollable Text Attack Surface

Entry Points2
Unprotected0

Shortcodes 2

[dropdowntext] index.php:212
[scrollabletext] index.php:226
WordPress Hooks 3
actionwp_enqueue_scriptsindex.php:28
actionadmin_enqueue_scriptsindex.php:40
actionadmin_menuindex.php:54
Maintenance & Trust

Dropdown and scrollable Text Maintenance & Trust

Maintenance Signals

WordPress version tested5.9.13
Last updatedMay 21, 2022
PHP min version5.4
Downloads4K

Community Trust

Rating100/100
Number of ratings1
Active installs100
Alternatives

Dropdown and scrollable Text Alternatives

Text Scroll Widget

Text Scroll Widget

text-scrolling-widget

A
85

Text Scroll Widget is a plugin to automatically scroll up the content inserted in the description area of the widget.

500 No CVEs
Scroll Text Widget

Scroll Text Widget

scroll-text-widget

A
85

Scroll Text Widget is a plugin to automically scroll up the content inserted in the description area of the widget.

200 No CVEs
Floating News Headline – Scrolling Text

Floating News Headline – Scrolling Text

floating-news-headline

A
85

Floating News Headline is easy and powerful scrolling text plugin for wordpress. scrolling text, news headline, scrolling headline

100 No CVEs
Scrolling Text Module for Beaver Builder

Scrolling Text Module for Beaver Builder

scrolling-text-module-for-beaver-builder

A
85

Adds a module to Beaver Builder to create scrolling text boxes.

100 No CVEs
Announceo – Scrolling Notification Bar

Announceo – Scrolling Notification Bar

announceo-scrolling-notification-bar

A
100

Announceo – Scrolling Notification Bar lets you display important announcements, offers, or messages at the top of your website in a clean and distrac &hellip;

40 No CVEs
Developer Profile

Dropdown and scrollable Text Developer Profile

pedram nasertorabi

3 plugins · 110 total installs

72
trust score
Avg Security Score
90/100
Avg Patch Time
737 days
View full developer profile
Detection Fingerprints

How We Detect Dropdown and scrollable Text

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/dropdown-and-scrollable-text/assets/dropdowncss.css/wp-content/plugins/dropdown-and-scrollable-text/assets/jquery.mCustomScrollbar.min.css/wp-content/plugins/dropdown-and-scrollable-text/assets/dropdownjs.js/wp-content/plugins/dropdown-and-scrollable-text/assets/jquery.mCustomScrollbar.concat.min.js/wp-content/plugins/dropdown-and-scrollable-text/assets/clipboard.min.js
Script Paths
assets/dropdownjs.jsassets/jquery.mCustomScrollbar.concat.min.jsassets/clipboard.min.js

HTML / DOM Fingerprints

CSS Classes
dst-adminover-xltr-dcopybtnshortcode-generatedtheme-demo
Data Attributes
data-clipboard-text
Shortcode Output
[scrollabletext[/scrollabletext][dropdowntext[/dropdowntext]
FAQ

Frequently Asked Questions about Dropdown and scrollable Text