Does Scroll To Top have any unpatched vulnerabilities?

No. All known vulnerabilities in Scroll To Top have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Scroll To Top compatible with WordPress 6.8.5?

According to WordPress.org data, Scroll To Top 1.6 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is Scroll To Top updated?

Scroll To Top was last updated on Sep 10, 2025. Frequent updates are generally a positive security signal.

What is Scroll To Top's security score?

Scroll To Top has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Scroll To Top Security & Risk Analysis

wordpress.org/plugins/tp-back-to-top

Tp Scroll Top is fully responsive plugin for WordPress.

300 active installs v1.6 PHP + WP 4.0+ Updated Sep 10, 2025

arrowbackback-to-topbuttonicon

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Scroll To Top Safe to Use in 2026?

Generally Safe

Score 100/100

Scroll To Top has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6mo ago

Risk Assessment

The "tp-back-to-top" plugin v1.6 exhibits a strong security posture based on the provided static analysis. The absence of any detectable attack surface, dangerous functions, raw SQL queries, file operations, or external HTTP requests is highly commendable. The code adheres to good security practices with a high percentage of output escaping and the presence of nonce and capability checks, indicating a thoughtful approach to input validation and authorization. The taint analysis also reveals no unsanitized paths, further reinforcing its apparent safety.

The vulnerability history is clean, with no known CVEs recorded. This, combined with the lack of any reported vulnerabilities in the past, suggests a well-maintained and secure plugin. The plugin's strengths lie in its minimal attack surface and robust code-level security measures. However, it's important to acknowledge that static analysis and historical data only provide a partial picture. Real-world exploitation vectors can sometimes emerge from unforeseen interactions or logic flaws not captured by these methods.

In conclusion, based solely on the provided data, "tp-back-to-top" v1.6 appears to be a very secure plugin. Its developers have clearly prioritized security by minimizing potential entry points and implementing sound coding practices. The lack of any historical or static analysis-derived vulnerabilities indicates a low risk profile for this plugin.

Vulnerabilities

None known

Scroll To Top Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Scroll To Top Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

32 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

84% escaped38 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<tp-scroll-top-admin> (admin\tp-scroll-top-admin.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Scroll To Top Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actioninittp-scroll-top.php:28

actionplugins_loadedtp-scroll-top.php:34

actionadmin_inittp-scroll-top.php:47

actionwp_headtp-scroll-top.php:69

actionwp_headtp-scroll-top.php:92

actionadmin_menutp-scroll-top.php:115

Maintenance & Trust

Scroll To Top Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedSep 10, 2025

PHP min version

Downloads11K

Community Trust

Rating60/100

Number of ratings2

Active installs300

Alternatives

Scroll To Top Alternatives

Click to top

click-to-top

A wordpress plugin to create a customisable Click To Top feature.

2K 2 CVEs

Sticky Back2Top Universal

sticky-back2top-for-genesis

Tested up to: 5.1.1 Adds a sticky icon to any WordPress site, gently returning users to the top. Works on all themes, but optimized for Genesis.

100 No CVEs

To Top

to-top

100

To Top is a nifty lightweight plugin. It adds a highly customizable button, which when clicked, scrolls up smoothly to the top of a page.

60K No CVEs

Smooth Back To Top Button

smooth-back-to-top-button

100

Smooth Back To Top button with scroll progress indicator.

40K No CVEs

Scroll To Top

scroll-top

Automatically adds a flexible Back to Top button to your WordPress website that allows your visitor to scroll back to the top of your page with one cl …

20K 1 CVE

Developer Profile

Scroll To Top Developer Profile

Themepoints

19 plugins · 10K total installs

trust score

Avg Security Score

94/100

Avg Patch Time

66 days

View full developer profile

Detection Fingerprints

How We Detect Scroll To Top

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/tp-back-to-top/css/tp-scroll-top.css/wp-content/plugins/tp-back-to-top/js/ap-scroll-top.js/wp-content/plugins/tp-back-to-top/js/color-picker.js

Script Paths

/wp-content/plugins/tp-back-to-top/js/ap-scroll-top.js/wp-content/plugins/tp-back-to-top/js/color-picker.js

HTML / DOM Fingerprints

CSS Classes

apst-button

FAQ