Does LZ Scroll Bar have any unpatched vulnerabilities?

No. All known vulnerabilities in LZ Scroll Bar have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is LZ Scroll Bar compatible with WordPress 5.7.15?

According to WordPress.org data, LZ Scroll Bar 1.0 has been tested up to WordPress 5.7.15. Check the plugin's changelog for the latest compatibility information.

How often is LZ Scroll Bar updated?

LZ Scroll Bar was last updated on May 16, 2021. Frequent updates are generally a positive security signal.

What is LZ Scroll Bar's security score?

LZ Scroll Bar has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

LZ Scroll Bar Security & Risk Analysis

wordpress.org/plugins/lz-scroll-bar

LZ Scroll Bar Up is an awesome, Super lightweight plugin for your wordpress website

0 active installs v1.0 PHP + WP 3.0.1+ Updated May 16, 2021

back-to-toplink-to-topnavigationscrollscroll-back-to-top

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is LZ Scroll Bar Safe to Use in 2026?

Generally Safe

Score 85/100

LZ Scroll Bar has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The "lz-scroll-bar" plugin version 1.0 exhibits a mixed security posture. On the positive side, the static analysis reveals no dangerous functions, SQL queries executed without prepared statements, file operations, or external HTTP requests. Furthermore, there is no recorded vulnerability history, suggesting a clean past. However, a significant concern arises from the complete lack of output escaping (0% properly escaped). This indicates that any data displayed by the plugin to users, especially if it originates from user input or external sources, is vulnerable to cross-site scripting (XSS) attacks. The absence of nonce and capability checks on potential entry points, though the attack surface is reported as zero, is also a weakness that could be exploited if new entry points were to be introduced without proper security measures.

Key Concerns

No output escaping detected
No nonce checks
No capability checks

Vulnerabilities

None known

LZ Scroll Bar Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

LZ Scroll Bar Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped14 total outputs

Attack Surface

LZ Scroll Bar Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actioninitplugin-main.php:16

actionadmin_menuplugin-main.php:35

actionadmin_enqueue_scriptsplugin-main.php:43

actionadmin_initplugin-main.php:66

actionwp_headplugin-main.php:213

Maintenance & Trust

LZ Scroll Bar Maintenance & Trust

Maintenance Signals

WordPress version tested5.7.15

Last updatedMay 16, 2021

PHP min version

Downloads817

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

LZ Scroll Bar Alternatives

LZ Scroll Up

lz-scroll-up

LZ Scroll Up is an awesome, Super lightweight plugin for your wordpress website

10 No CVEs

Beam me up Scotty – Back to Top Button

beam-me-up-scotty

Add a back to top button to your site quickly and easily with this simple and easy to configure plugin.

1K 1 unpatched

Smooth Scroll Up

smooth-scroll-up

Smooth Scroll Up is a lightweight plugin that creates a customizable back to top feature in your WordPress website.

7K No CVEs

Back To Top Pro

back-to-top-pro

100

Scroll To Top plus 3 more Buttons including Back to Top, Home, Back and Email Buttons. Multiple styles, colors, position, sizes, opacity and more

100 No CVEs

Scrollr

scrollr

100

Scroll smoothly to a page's section or push it back to the top.

100 No CVEs

Developer Profile

LZ Scroll Bar Developer Profile

Nazmul Islam

3 plugins · 10 total installs

trust score

Avg Security Score

90/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect LZ Scroll Bar

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/lz-scroll-bar/js/jquery.nicescroll.min.js/wp-content/plugins/lz-scroll-bar/css/lz-scroll.css/wp-content/plugins/lz-scroll-bar/js/color-pickr.js

Script Paths

/wp-content/plugins/lz-scroll-bar/js/jquery.nicescroll.min.js/wp-content/plugins/lz-scroll-bar/js/color-pickr.js

HTML / DOM Fingerprints

Data Attributes

id="cursor_color"name="lzscrollbar_options[cursor_color]"class="lz-color-field"id="cursor_width"name="lzscrollbar_options[cursor_width]"id="cursor_border"+6 more

JS Globals

window.jQuery(document).ready(function(){jQuery("html").niceScroll({

FAQ