Smoothscroller Security & Risk Analysis
wordpress.org/plugins/smoothscrollerThis plugin adds a smooth scroll effect to anchor links on the same page. Options to add the effect globally or on certain posts/pages.
Is Smoothscroller Safe to Use in 2026?
Generally Safe
Score 100/100Smoothscroller has a strong security track record. Known vulnerabilities have been patched promptly.
The "smoothscroller" plugin v1.1.0 exhibits a generally good security posture with no identified critical or high severity vulnerabilities in the static analysis or taint analysis. The absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests are all positive indicators. However, a significant concern arises from the output escaping, where only 25% of the 12 outputs are properly escaped. This leaves a substantial portion of the plugin's output potentially vulnerable to Cross-Site Scripting (XSS) attacks, especially if user-supplied data is involved in these unescaped outputs.
The vulnerability history reveals a past medium severity vulnerability, specifically an Improper Neutralization of Input During Web Page Generation (XSS), which was last patched in June 2023. While there are no currently unpatched vulnerabilities, this history, coupled with the static analysis findings on output escaping, suggests a recurring pattern of potential XSS risks. The plugin has a limited attack surface, which is positive, but the lack of comprehensive output sanitization on a majority of its outputs presents a notable weakness that could be exploited.
In conclusion, the "smoothscroller" plugin has strengths in its minimal attack surface and secure handling of database queries and external requests. Nevertheless, the prevalent issue with output escaping and the historical XSS vulnerability necessitate careful consideration and potential remediation to fully secure the plugin against potential attacks.
Key Concerns
- Insufficient output escaping
- Past medium severity XSS vulnerability
Smoothscroller Security Vulnerabilities
CVEs by Year
Severity Breakdown
1 total CVE
Smoothscroller <= 1.0.0 - Authenticated (Administrator+) Stored Cross-Site Scripting
Smoothscroller Code Analysis
Output Escaping
Smoothscroller Attack Surface
WordPress Hooks 4
Maintenance & Trust
Smoothscroller Maintenance & Trust
Maintenance Signals
Community Trust
Smoothscroller Alternatives
Fast Smooth Scroll
fast-smooth-scroll
This lightweight plugin enhances user experience by enabling smooth scrolling for anchor links without the need for jQuery or other dependencies.
jQuery Smooth Scroll
jquery-smooth-scroll
Activate the plugin for smooth scrolling and smooth "back to top" feature.
WP Smoother – Smooth Scroll, Anchor Scroll, Fade Animations
wp-smoother
Make your site super smooth, WP Smoother has features such as: smooth mouse wheel scrolling, smooth anchor scrolling and page load fading animations!
WP LocalScroll
wp-localscroll
This plugin will animate a regular anchor navigation with a smooth scrolling effect.
Mythic Smooth Scroll
mythic-smooth-scroll
Smooth scrolling plugin with optional offset for fixed/sticky headers.
Smoothscroller Developer Profile
8 plugins · 9K total installs
How We Detect Smoothscroller
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/smoothscroller/js/localscroll-init.js//cdn.jsdelivr.net/jquery.scrollto/2.1.1/jquery.scrollTo.min.js//cdn.jsdelivr.net/jquery.localscroll/1.4.0/jquery.localScroll.min.js/wp-content/plugins/smoothscroller/js/localscroll-init.jsjquery.scrollto/2.1.1/jquery.scrollTo.min.js?ver=jquery.localscroll/1.4.0/jquery.localScroll.min.js?ver=js/localscroll-init.js?ver=HTML / DOM Fingerprints
id="ss_speed_duration"name="smoothscroller_settings[ss_speed_duration]"id="ss_all_pages"name="smoothscroller_settings[ss_all_pages]"id="ss_front_page"name="smoothscroller_settings[ss_front_page]"+4 morescrollVars