WP-Safety

Scroll Down Arrow Security & Risk Analysis

wordpress.org/plugins/scroll-down-arrow

Encourage your website visitors to scroll down and view more content with this simple plugin.

800 active installs v1.3.1 PHP 5.6+ WP 5.2+ Updated Dec 14, 2025
arrowcontentdownpage-downscroll
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Scroll Down Arrow Safe to Use in 2026?

Generally Safe

Score 100/100

Scroll Down Arrow has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The "scroll-down-arrow" plugin v1.3.1 presents a mixed security posture. On the positive side, it demonstrates good practices in using prepared statements for SQL queries (89%), proper output escaping (93%), and a lack of external HTTP requests or file operations. The absence of any recorded vulnerabilities in its history is also a strong indicator of a generally secure development approach. However, a significant concern arises from its attack surface. All four identified AJAX handlers lack authentication checks, creating a direct path for unauthenticated users to interact with potentially sensitive plugin functionalities. The presence of the `unserialize` function, although potentially used in a controlled environment, is always a red flag as it can lead to remote code execution vulnerabilities if not handled with extreme care and proper sanitization of the serialized data.

Key Concerns

  • Unprotected AJAX handlers
  • Use of unserialize function
Vulnerabilities
None known

Scroll Down Arrow Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Scroll Down Arrow Code Analysis

Dangerous Functions
2
Raw SQL Queries
1
8 prepared
Unescaped Output
24
327 escaped
Nonce Checks
2
Capability Checks
15
File Operations
0
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

unserialize$unserialized_error_message = unserialize( $serialized_error_message ); //base64_decode(unserialize(includes\system\class-epda-logging.php:53
unserialize$unserialized_stackMsg = unserialize( $serialized_stackMsg ); //base64_decode(unserialize( $serializincludes\system\class-epda-logging.php:155

SQL Query Safety

89% prepared9 total queries

Output Escaping

93% escaped351 total outputs
Attack Surface
4 unprotected

Scroll Down Arrow Attack Surface

Entry Points4
Unprotected4

AJAX Handlers 4

authwp_ajax_epda_save_da_settingsincludes\admin\da-configuration\class-epda-config-ctrl.php:9
noprivwp_ajax_epda_save_da_settingsincludes\admin\da-configuration\class-epda-config-ctrl.php:10
authwp_ajax_epda_search_locationsincludes\admin\da-configuration\class-epda-config-ctrl.php:12
noprivwp_ajax_epda_search_locationsincludes\admin\da-configuration\class-epda-config-ctrl.php:13
WordPress Hooks 9
actionadmin_menuincludes\admin\admin-menu.php:13
filtersafe_style_cssincludes\class-epda-utilities.php:722
actionwp_footerincludes\features\class-epda-arrow-view.php:9
actionepda_enqueue_arrow_resourcesincludes\system\scripts-registration.php:12
actionepda_enqueue_help_dialog_scriptsincludes\system\scripts-registration.php:44
actionadmin_enqueue_scriptsincludes\system\scripts-registration.php:91
actionplugins_loadedscroll-down-arrow.php:76
actionadmin_enqueue_scriptsscroll-down-arrow.php:134
actionadmin_enqueue_scriptsscroll-down-arrow.php:139
Maintenance & Trust

Scroll Down Arrow Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 14, 2025
PHP min version5.6
Downloads5K

Community Trust

Rating100/100
Number of ratings2
Active installs800
Alternatives

Scroll Down Arrow Alternatives

To Top

To Top

to-top

A
100

To Top is a nifty lightweight plugin. It adds a highly customizable button, which when clicked, scrolls up smoothly to the top of a page.

60K No CVEs
Click to top

Click to top

click-to-top

A
99

A wordpress plugin to create a customisable Click To Top feature.

2K 2 CVEs
Download PDF After Submit Form

Download PDF After Submit Form

download-pdf-after-submit-form

A
100

Easily allow users to download PDFs after submitting a form with customizable shortcodes. No coding required – just install and configure!

500 No CVEs
Simple Owl Carousel

Simple Owl Carousel

simple-owl-carousel

C
64

Based on the Owl Carousel, an extremely powerful, robust & responsive customizable plugin.

500 1 unpatched
Update from Bottom

Update from Bottom

update-from-bottom

A
85

Shows two extra buttons (Scroll to top and Publish/Update) in the bottom of the screen when user scrolls near bottom.

400 No CVEs
Developer Profile

Scroll Down Arrow Developer Profile

echoplugins

5 plugins · 14K total installs

100
trust score
Avg Security Score
100/100
Avg Patch Time
3 days
View full developer profile
Detection Fingerprints

How We Detect Scroll Down Arrow

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/scroll-down-arrow/css/public-styles.css/wp-content/plugins/scroll-down-arrow/js/public-scripts.js/wp-content/plugins/scroll-down-arrow/css/admin-plugin-pages.css/wp-content/plugins/scroll-down-arrow/css/admin-icon.css/wp-content/plugins/scroll-down-arrow/js/admin-plugin-pages.js
Script Paths
/wp-content/plugins/scroll-down-arrow/js/public-scripts.js/wp-content/plugins/scroll-down-arrow/js/admin-plugin-pages.js
Version Parameters
scroll-down-arrow/css/public-styles.css?ver=scroll-down-arrow/js/public-scripts.js?ver=scroll-down-arrow/css/admin-plugin-pages.css?ver=scroll-down-arrow/css/admin-icon.css?ver=scroll-down-arrow/js/admin-plugin-pages.js?ver=

HTML / DOM Fingerprints

CSS Classes
epda-scroll-down-arrowepda-arrow-icon
Data Attributes
data-epda-id
JS Globals
epda_vars
FAQ

Frequently Asked Questions about Scroll Down Arrow