Does Top Scroller have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Top Scroller compatible with WordPress 5.8.13?

According to WordPress.org data, Top Scroller 1.0.0 has been tested up to WordPress 5.8.13. Check the plugin's changelog for the latest compatibility information.

Is Top Scroller compatible with PHP 7.2+?

Top Scroller requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Top Scroller updated?

Top Scroller was last updated on Sep 6, 2021. Frequent updates are generally a positive security signal.

What is Top Scroller's security score?

Top Scroller has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Top Scroller Security & Risk Analysis

wordpress.org/plugins/top-scroller

Top Scroller plugin allows the visitor to easily and safely scroll back to the top of the page.

100 active installs v1.0.0 PHP 7.2+ WP 5.2+ Updated Sep 6, 2021

float-to-topgo-to-topscroll-buttonscroll-to-topscroll-up

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Top Scroller Safe to Use in 2026?

Generally Safe

Score 85/100

Top Scroller has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The "top-scroller" plugin v1.0.0 exhibits a generally good security posture based on the provided static analysis. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events significantly limits its attack surface. The code also demonstrates strong practices by using prepared statements for all SQL queries, performing file operations responsibly, and avoiding external HTTP requests. The presence of a nonce check is also a positive indicator of security awareness.

However, a notable concern arises from the output escaping. With 29 total outputs, only 76% are properly escaped, leaving 7 outputs potentially vulnerable to cross-site scripting (XSS) attacks. While the taint analysis did not reveal any critical or high severity unsanitized flows, this percentage of unescaped output warrants attention. The plugin's vulnerability history is clean, with no recorded CVEs, which is a strong positive. This, combined with the limited attack surface, suggests that past development has been security-conscious.

In conclusion, "top-scroller" v1.0.0 is largely secure with minimal attack vectors and good coding practices in place. The primary weakness lies in the incomplete output escaping, which could lead to XSS vulnerabilities if user-supplied data is not properly sanitized before display. Addressing the unescaped outputs should be the priority to further strengthen its security.

Key Concerns

Unescaped output detected

Vulnerabilities

None known

Top Scroller Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Top Scroller Release Timeline

v1.0.0Current

Code Analysis

Analyzed Mar 16, 2026

Top Scroller Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

22 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

76% escaped29 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

1 flows

<admin> (manage\admin.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Top Scroller Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 7

actionwp_headscroll_to_top_btn.php:47

actioninitscroll_to_top_btn.php:50

actionwp_footerscroll_to_top_btn.php:53

actionadmin_menuscroll_to_top_btn.php:56

actionadmin_enqueue_scriptsscroll_to_top_btn.php:59

actionwp_enqueue_scriptsscroll_to_top_btn.php:62

filteradmin_footer_textscroll_to_top_btn.php:65

Maintenance & Trust

Top Scroller Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13

Last updatedSep 6, 2021

PHP min version7.2

Downloads2K

Community Trust

Rating100/100

Number of ratings5

Active installs100

Alternatives

Top Scroller Alternatives

Scroll To Top or Bottom

scroll-to-top-or-bottom

Easy to use scroll to top and bottom plugin.

70 No CVEs

Scroll to Top

mdc-scroll-to-top

Scroll to Top button for your WordPress site.

30 No CVEs

Simple Scroll Up Button

simple-scroll-up-button

Simple Scroll Up Button is a lightweight plugin which adds a simple scroll up button on the page of your WordPress website.

30 No CVEs

WPFront Scroll Top

wpfront-scroll-top

100

Adds a lightweight and smooth "Scroll to Top" button to your WordPress site, improving navigation and user experience with customizable options.

200K 1 CVE

Scroll Back To Top Button

scrollup-master

This is just a very simple plugin to have a scroll back to top button throughout your whole blog/site.

4K No CVEs

Developer Profile

Top Scroller Developer Profile

hamzaakram25

1 plugin · 100 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Top Scroller

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/top-scroller/css/all.min.css/wp-content/plugins/top-scroller/js/scroll_to_top_colorPicker.js/wp-content/plugins/top-scroller/css/to_top_style.php/wp-content/plugins/top-scroller/js/to_top_btn.php

Script Paths

/wp-content/plugins/top-scroller/js/scroll_to_top_colorPicker.js/wp-content/plugins/top-scroller/js/to_top_btn.php

Version Parameters

top-scroller/js/scroll_to_top_colorPicker.js?ver=top-scroller/css/all.min.css?ver=top-scroller/js/to_top_btn.php?ver=

HTML / DOM Fingerprints

CSS Classes

To_top_btn

FAQ