WP Scroll Top Security & Risk Analysis
wordpress.org/plugins/wp-scroll-topWP Scroll Top plugin allows the visitor to easily scroll to the top of the page.
Is WP Scroll Top Safe to Use in 2026?
Generally Safe
Score 85/100WP Scroll Top has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The wp-scroll-top plugin v1.0.0 exhibits a generally positive security posture based on the provided static analysis. The absence of SQL queries without prepared statements, file operations, and external HTTP requests are strong indicators of secure coding practices. The plugin also shows no known vulnerabilities or CVEs, suggesting a history of stability and security.
However, a significant concern lies in the output escaping, where only 66% of the outputs are properly escaped. This could potentially lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is not adequately sanitized before being displayed. Additionally, the complete lack of nonce checks and capability checks on any entry points, combined with zero AJAX handlers and REST API routes, is unusual. While this might imply a minimal attack surface, it also means there are no built-in mechanisms to verify user permissions or prevent CSRF attacks if any functionality were to be added or exposed in the future.
Overall, the plugin is relatively secure due to its limited functionality and absence of critical vulnerabilities. The primary area for improvement is reinforcing output escaping and considering basic security checks like nonces if the plugin's functionality were to expand or interact more with user input. The current state is good for a minimal plugin, but potential future enhancements would require more robust security measures.
Key Concerns
- Output escaping is not consistently applied
- No nonce checks implemented
- No capability checks implemented
WP Scroll Top Security Vulnerabilities
WP Scroll Top Release Timeline
WP Scroll Top Code Analysis
Output Escaping
WP Scroll Top Attack Surface
WordPress Hooks 8
Maintenance & Trust
WP Scroll Top Maintenance & Trust
Maintenance Signals
Community Trust
WP Scroll Top Alternatives
WPFront Scroll Top
wpfront-scroll-top
Adds a lightweight and smooth "Scroll to Top" button to your WordPress site, improving navigation and user experience with customizable options.
Flexible Scroll Top
flexible-scroll-top
Add a slick, lightweight and customizable scroll to top button that uses SVG icon with no jQuery dependency.
MM Scroll To Top
tap-to-top
Tap the button and scroll to top immediately.
Scroll to top button
wp-scroll-2
Scroll to top button plugin is an simple and nice plugin with the standard settings.
AR Back To Top
ar-back-to-top
AR Back To Top is a standard WordPress plugin for back to top.
WP Scroll Top Developer Profile
2 plugins · 20 total installs
How We Detect WP Scroll Top
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/wp-scroll-top/admin/css/wp-scroll-top-admin.css/wp-content/plugins/wp-scroll-top/admin/js/wp-scroll-top-admin.js/wp-content/plugins/wp-scroll-top/includes/js/custom.js/wp-content/plugins/wp-scroll-top/includes/js/jquery.waypoints.min.js/wp-content/plugins/wp-scroll-top/includes/js/simple-smooth-scroll.min.js/wp-content/plugins/wp-scroll-top/admin/js/wp-scroll-top-admin.js/wp-content/plugins/wp-scroll-top/includes/js/custom.js/wp-content/plugins/wp-scroll-top/includes/js/jquery.waypoints.min.js/wp-content/plugins/wp-scroll-top/includes/js/simple-smooth-scroll.min.jswp-scroll-top/admin/css/wp-scroll-top-admin.css?ver=wp-scroll-top/admin/js/wp-scroll-top-admin.js?ver=wp-scroll-top/includes/js/custom.js?ver=wp-scroll-top/includes/js/jquery.waypoints.min.js?ver=wp-scroll-top/includes/js/simple-smooth-scroll.min.js?ver=HTML / DOM Fingerprints
wp-scroll-top-buttondata-scroll-topwpscrolltopwpscrolltop_obj[wpscrolltop_button]