ScrollKit – Nice Scrollbar Security & Risk Analysis

wordpress.org/plugins/scrollkit-nice-scrollbar

ScrollKit - Nice Scrollbar

0 active installs v1.0 PHP 5.6.3+ WP 5.1+ Updated Dec 15, 2019
awesome-scrollbarnice-scrollbarscrollscrollbar
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Safety Verdict

Is ScrollKit – Nice Scrollbar Safe to Use in 2026?

Generally Safe

Score 85/100

ScrollKit – Nice Scrollbar has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago
Risk Assessment

The "scrollkit-nice-scrollbar" v1.0 plugin exhibits a generally strong security posture from a static analysis perspective, with no identified dangerous functions, SQL injection vulnerabilities due to prepared statements, or external HTTP requests. The absence of any known CVEs or historical vulnerabilities further suggests a lack of readily exploitable issues or a history of neglect. However, a significant concern arises from the complete lack of output escaping, meaning any dynamically generated content within the plugin is vulnerable to cross-site scripting (XSS) attacks. Furthermore, the complete absence of nonce and capability checks across all identified entry points (though zero in this case) is a considerable weakness. While there are currently no entry points, if any were to be added in the future without proper security measures, they would be inherently unprotected. The plugin's strengths lie in its clean code regarding sensitive operations like SQL and file handling, but the unaddressed output sanitization and lack of foundational security checks on potential entry points represent critical oversight.

Key Concerns

  • Output escaping is not properly handled
  • No nonce checks implemented
  • No capability checks implemented
Vulnerabilities
None known

ScrollKit – Nice Scrollbar Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

ScrollKit – Nice Scrollbar Release Timeline

No version history available.
Code Analysis
Analyzed Mar 17, 2026

ScrollKit – Nice Scrollbar Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
1
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

0% escaped1 total outputs
Attack Surface

ScrollKit – Nice Scrollbar Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 6
actionadmin_enqueue_scriptsindex.php:19
actionwp_enqueue_scriptsindex.php:20
actionadmin_menuindex.php:47
actionadmin_initindex.php:71
actionadmin_initindex.php:78
actionwp_headindex.php:156
Maintenance & Trust

ScrollKit – Nice Scrollbar Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21
Last updatedDec 15, 2019
PHP min version5.6.3
Downloads966

Community Trust

Rating0/100
Number of ratings0
Active installs0
Developer Profile

ScrollKit – Nice Scrollbar Developer Profile

Modina Theme

2 plugins · 10 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect ScrollKit – Nice Scrollbar

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/scrollkit-nice-scrollbar/assets/js/nicescroll.min.js/wp-content/plugins/scrollkit-nice-scrollbar/assets/js/jscolor.js
Script Paths
assets/js/nicescroll.min.jsassets/js/jscolor.js

HTML / DOM Fingerprints

CSS Classes
jscolor
Data Attributes
id="scrollkit_bar_color"name="scrollkit_option_fields[scrollkit_bar_color]"
FAQ

Frequently Asked Questions about ScrollKit – Nice Scrollbar