[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fdAq7Q8vyn6kYqGNfKEBopgn9akImOKkDWo7mwRGeNIQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":20,"download_link":21,"security_score":22,"vuln_count":23,"unpatched_count":23,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":34,"analysis":35,"fingerprints":108},"hash-link-scroll-offset","Hash Link Scroll Offset","0.4.1","webdevstudios","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebdevstudios\u002F","\u003Cp>Often anchor links can be overachievers and can scroll a user past the section intended. This plugin attempts to change that by offering a setting that allows you to change the scroll offset when clicking anchors. It also adds a nice animated scrolling effect when clicking an anchor rather than the sudden jump that usually occurs. Even handles when visiting a hashed URL directly.\u003C\u002Fp>\n\u003Cp>Use the \u003Ccode>no-scroll\u003C\u002Fcode> class on any hash links that are not meant to scroll to an area of the page (Navigation for sliders, etc).\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpluginize.com\u002F?utm_source=hash-link-scroll&utm_medium=text&utm_campaign=wporg\" rel=\"nofollow ugc\">Pluginize\u003C\u002Fa> was launched in 2016 by \u003Ca href=\"https:\u002F\u002Fwebdevstudios.com\u002F\" rel=\"nofollow ugc\">WebDevStudios\u003C\u002Fa> to promote, support, and house all of their \u003Ca href=\"https:\u002F\u002Fpluginize.com\u002Fshop\u002F?utm_source=hash-link-scroll&utm_medium=text&utm_campaign=wporg\" rel=\"nofollow ugc\">WordPress products\u003C\u002Fa>. Pluginize is not only creating new products for WordPress all the time, but also provides \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustom-post-type-ui\u002F\" rel=\"ugc\">ongoing support and development for WordPress community favorites like CPTUI\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcmb2\u002F\" rel=\"ugc\">CMB2\u003C\u002Fa>, and more.\u003C\u002Fp>\n","Offset the scroll position of anchored links. Handy if you have a sticky header that covers linked material.",1000,24787,94,15,"2026-01-07T22:45:00.000Z","6.9.4","5.5","",[],"http:\u002F\u002Fwebdevstudios.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhash-link-scroll-offset.0.4.1.zip",100,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":29,"avg_security_score":30,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},9,1018190,93,705,74,"2026-04-04T14:39:07.301Z",[],{"attackSurface":36,"codeSignals":63,"taintFlows":71,"riskAssessment":99,"analyzedAt":107},{"hooks":37,"ajaxHandlers":59,"restRoutes":60,"shortcodes":61,"cronEvents":62,"entryPointCount":23,"unprotectedCount":23},[38,43,46,51,55],{"type":39,"name":40,"callback":40,"file":41,"line":42},"action","init","hash-link-scroll-offset.php",80,{"type":39,"name":40,"callback":44,"file":41,"line":45},"static_properties",81,{"type":47,"name":48,"callback":49,"file":41,"line":50},"filter","admin_init","admin_hooks",82,{"type":39,"name":52,"callback":53,"file":41,"line":54},"wp_enqueue_scripts","enqueue_js",83,{"type":39,"name":56,"callback":57,"file":41,"line":58},"all_admin_notices","admin_notice_activated",107,[],[],[],[],{"dangerousFunctions":64,"sqlUsage":65,"outputEscaping":67,"fileOperations":23,"externalRequests":23,"nonceChecks":23,"capabilityChecks":23,"bundledLibraries":70},[],{"prepared":23,"raw":23,"locations":66},[],{"escaped":68,"rawEcho":23,"locations":69},6,[],[],[72,91],{"entryPoint":73,"graph":74,"unsanitizedCount":23,"severity":90},"fields_html (hash-link-scroll-offset.php:184)",{"nodes":75,"edges":87},[76,81],{"id":77,"type":78,"label":79,"file":41,"line":80},"n0","source","$_GET",185,{"id":82,"type":83,"label":84,"file":41,"line":85,"wp_function":86},"n1","sink","echo() [XSS]",201,"echo",[88],{"from":77,"to":82,"sanitized":89},true,"low",{"entryPoint":92,"graph":93,"unsanitizedCount":23,"severity":90},"\u003Chash-link-scroll-offset> (hash-link-scroll-offset.php:0)",{"nodes":94,"edges":97},[95,96],{"id":77,"type":78,"label":79,"file":41,"line":80},{"id":82,"type":83,"label":84,"file":41,"line":85,"wp_function":86},[98],{"from":77,"to":82,"sanitized":89},{"summary":100,"deductions":101},"The \"hash-link-scroll-offset\" plugin version 0.4.1 demonstrates a strong security posture based on the provided static analysis and vulnerability history. The code analysis reveals no dangerous functions, all SQL queries utilize prepared statements, and all output is properly escaped. Crucially, there are no identified flows with unsanitized paths, and the plugin has a completely clean vulnerability history with zero known CVEs. The attack surface is also zero, indicating no AJAX handlers, REST API routes, shortcodes, or cron events exposed, which significantly reduces potential entry points for attackers.\n\nHowever, the analysis does highlight a complete absence of nonce checks and capability checks. While the current attack surface is zero, this lack of authentication and authorization mechanisms on potential entry points, if they were to be introduced in future versions or through interaction with other plugins, represents a latent risk. This is a concerning area as it deviates from best practices for WordPress plugin development, where such checks are vital for preventing unauthorized actions and ensuring secure interactions.\n\nIn conclusion, the plugin is currently very secure due to its minimal attack surface and absence of vulnerabilities. The lack of any exploitable code signals or historical issues is a significant strength. The primary weakness lies in the complete omission of nonce and capability checks, which, while not posing an immediate threat in the current version, is a significant oversight that could lead to vulnerabilities if the plugin's functionality expands or interacts with other components in the future. This suggests a developer who is cautious about common vulnerability types but perhaps less familiar with robust WordPress security primitives for handling user interactions.",[102,105],{"reason":103,"points":104},"Missing nonce checks",5,{"reason":106,"points":104},"Missing capability checks","2026-03-16T18:53:26.175Z",{"wat":109,"direct":119},{"assetPaths":110,"generatorPatterns":113,"scriptPaths":114,"versionParams":116},[111,112],"\u002Fwp-content\u002Fplugins\u002Fhash-link-scroll-offset\u002Fassets\u002Fjs\u002Fhash-link-scroll-offset.js","\u002Fwp-content\u002Fplugins\u002Fhash-link-scroll-offset\u002Fassets\u002Fjs\u002Fhash-link-scroll-offset.min.js",[],[115],"assets\u002Fjs\u002Fhash-link-scroll-offset.min.asset.php",[117,118],"hash-link-scroll-offset\u002Fstyle.css?ver=","hash-link-scroll-offset.min.js?ver=",{"cssClasses":120,"htmlComments":123,"htmlAttributes":124,"restEndpoints":126,"jsGlobals":127,"shortcodeOutput":129},[121,122],"hash_link_scroll_offset_setting_label","hash_link_scroll_offset_setting_wrap",[],[125],"hash_link_scroll_offset",[],[128],"hlsOffset",[]]