Does Vertical scroll recent comments have any unpatched vulnerabilities?

No. All known vulnerabilities in Vertical scroll recent comments have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Vertical scroll recent comments compatible with WordPress 6.1.10?

According to WordPress.org data, Vertical scroll recent comments 12.2 has been tested up to WordPress 6.1.10. Check the plugin's changelog for the latest compatibility information.

How often is Vertical scroll recent comments updated?

Vertical scroll recent comments was last updated on Dec 1, 2022. Frequent updates are generally a positive security signal.

What is Vertical scroll recent comments's security score?

Vertical scroll recent comments has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Vertical scroll recent comments Security & Risk Analysis

wordpress.org/plugins/vertical-scroll-recent-comments

Vertical scroll recent comments wordpress plugin will scroll the recent post comment vertically (bottom to top) in the widget.

100 active installs v12.2 PHP + WP 3.4+ Updated Dec 1, 2022

commentrecentscrollverticalwidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Vertical scroll recent comments Safe to Use in 2026?

Generally Safe

Score 85/100

Vertical scroll recent comments has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The "vertical-scroll-recent-comments" plugin v12.2 exhibits a generally good security posture based on the provided static analysis. The absence of any known CVEs and its clean vulnerability history are positive indicators. The plugin has a minimal attack surface, with only one shortcode identified and no AJAX handlers or REST API routes exposed without proper checks. Furthermore, there are no critical or high-severity taint flows detected, suggesting a cautious approach to handling user input. However, there are areas for improvement. The presence of a SQL query that does not use prepared statements is a notable concern, as it could be susceptible to SQL injection if not properly sanitized elsewhere. Additionally, only 35% of output escaping is considered proper, which could lead to cross-site scripting (XSS) vulnerabilities if untrusted data is displayed directly in the frontend without adequate sanitization. The plugin also lacks capability checks on its entry points, meaning any authenticated user could potentially trigger the shortcode, though the impact is limited given the other security measures.

Key Concerns

SQL query without prepared statements
Low percentage of properly escaped output
Missing capability checks on entry points

Vulnerabilities

None known

Vertical scroll recent comments Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Vertical scroll recent comments Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

8 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared1 total queries

Output Escaping

35% escaped23 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

vsrc_admin_options (vertical-scroll-recent-comments.php:182)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Vertical scroll recent comments Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[vertical-scroll-recent-comments] vertical-scroll-recent-comments.php:347

WordPress Hooks 3

actionadmin_menuvertical-scroll-recent-comments.php:334

actionplugins_loadedvertical-scroll-recent-comments.php:348

actionplugins_loadedvertical-scroll-recent-comments.php:349

Maintenance & Trust

Vertical scroll recent comments Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10

Last updatedDec 1, 2022

PHP min version

Downloads49K

Community Trust

Rating100/100

Number of ratings1

Active installs100

Alternatives

Vertical scroll recent comments Alternatives

vertical scroll recent registered user

vertical-scroll-recent-registered-user

Vertical scroll recent registered user wordpress plugin create the scroller in the widget with recently registered user avatar, username and date.

20 No CVEs

Post Slider and Post Carousel with Post Vertical Scrolling Widget – A Responsive Post Slider

post-slider-and-carousel

Post Slider and Post Carousel display WordPress post in slider and carousel layouts with shortcode and Latest/Recent vertical post scrolling widget.

10K 1 CVE

WP News and Scrolling Widgets

sp-news-and-widget

100

A quick, easy way to add an News custom post type, News widget, vertical scrolling news widget to WordPress. Also work with Gutenberg shortcode block.

10K No CVEs

News Announcement Scroll

news-announcement-scroll

News Announcement Scroll is a simple vertical scroll news widget for your WordPress website. Easy to use & no coding knowledge required.

2K 2 CVEs

Developer Profile

Vertical scroll recent comments Developer Profile

gopiplus

52 plugins · 19K total installs

trust score

Avg Security Score

83/100

Avg Patch Time

70 days

View full developer profile

Detection Fingerprints

How We Detect Vertical scroll recent comments

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/vertical-scroll-recent-comments/vertical-scroll-recent-comments.js

Script Paths

/wp-content/plugins/vertical-scroll-recent-comments/vertical-scroll-recent-comments.js

HTML / DOM Fingerprints

CSS Classes

vsrc-regimagvsrc_div

Data Attributes

id="vsrc_Holder"

JS Globals

vsrc_arrayvsrc_objvsrc_scrollPosvsrc_numScrollsvsrc_heightOfElmvsrc_numberOfElm+4 more

Shortcode Output

[vertical-scroll-recent-comments]

FAQ