[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fpb07cxwH7ebMTVKdioiruljeCAmJGusoPgoh6LSj714":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":37,"analysis":38,"fingerprints":180},"wp-smoother","WP Smoother – Smooth Scroll, Anchor Scroll, Fade Animations","1.1.0","harryrobinson","https:\u002F\u002Fprofiles.wordpress.org\u002Fharryrobinson\u002F","\u003Cp>This simple yet elegant plugin will allow you to make your site super smooth!\u003Cbr \u002F>\nAll features are editable and can be removed or changed to fit your needs.\u003C\u002Fp>\n\u003Cp>Breakdown of features below:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Smooth Mouse Wheel Scrolling\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable \u002F disable functionality\u003C\u002Fli>\n\u003Cli>Editable scroll distance ( in pixels )\u003C\u002Fli>\n\u003Cli>Editable scroll animation time ( in milliseconds )\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\n  \u003Cstrong>Smooth Anchor Scrolling\u003C\u002Fstrong>\n\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable \u002F disable functionality\u003C\u002Fli>\n\u003Cli>Editable anchor scroll animation time ( in milliseconds )\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\n    \u003Cstrong>Fade Animations on Page Load\u003C\u002Fstrong>\n  \u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n      Enable \u002F disable functionality\n    \u003C\u002Fli>\n\u003Cli>\n      Fade animation time ( in milliseconds )\n    \u003C\u002Fli>\n\u003Cli>\n      Enable on homepage only option\n    \u003C\u002Fli>\n\u003C\u002Ful>\n","Make your site super smooth, WP Smoother has features such as: smooth mouse wheel scrolling, smooth anchor scrolling and page load fading animations!",200,6606,94,6,"2017-07-29T10:56:00.000Z","4.8.28","3.7.10","",[20,21,22,23,24],"anchor-scroll","mouse-wheel-scroll","page-fade","smooth-mousewheel-scroll","smooth-site","https:\u002F\u002Fwww.linkedin.com\u002Fin\u002Fharry-robinson-0660a6126\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-smoother.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},1,30,84,"2026-04-05T09:43:20.134Z",[],{"attackSurface":39,"codeSignals":67,"taintFlows":127,"riskAssessment":167,"analyzedAt":179},{"hooks":40,"ajaxHandlers":63,"restRoutes":64,"shortcodes":65,"cronEvents":66,"entryPointCount":28,"unprotectedCount":28},[41,47,50,52,55,58,61],{"type":42,"name":43,"callback":44,"file":45,"line":46},"action","plugins_loaded","anonymous","includes\\class-wp-smoother.php",139,{"type":42,"name":48,"callback":44,"file":45,"line":49},"admin_enqueue_scripts",154,{"type":42,"name":48,"callback":44,"file":45,"line":51},155,{"type":42,"name":53,"callback":44,"file":45,"line":54},"admin_menu",157,{"type":42,"name":56,"callback":44,"file":45,"line":57},"admin_init",163,{"type":42,"name":59,"callback":44,"file":45,"line":60},"wp_enqueue_scripts",178,{"type":42,"name":59,"callback":44,"file":45,"line":62},179,[],[],[],[],{"dangerousFunctions":68,"sqlUsage":69,"outputEscaping":71,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":126},[],{"prepared":28,"raw":28,"locations":70},[],{"escaped":72,"rawEcho":73,"locations":74},2,31,[75,79,81,82,84,86,87,89,90,91,93,94,95,97,98,99,101,102,103,105,107,108,110,111,112,115,117,118,120,123,124],{"file":76,"line":77,"context":78},"admin\\partials\\wp-smoother-admin-display.php",65,"raw output",{"file":76,"line":80,"context":78},66,{"file":76,"line":80,"context":78},{"file":76,"line":83,"context":78},72,{"file":76,"line":85,"context":78},73,{"file":76,"line":85,"context":78},{"file":76,"line":88,"context":78},83,{"file":76,"line":88,"context":78},{"file":76,"line":88,"context":78},{"file":76,"line":92,"context":78},93,{"file":76,"line":13,"context":78},{"file":76,"line":13,"context":78},{"file":76,"line":96,"context":78},101,{"file":76,"line":96,"context":78},{"file":76,"line":96,"context":78},{"file":76,"line":100,"context":78},107,{"file":76,"line":100,"context":78},{"file":76,"line":100,"context":78},{"file":76,"line":104,"context":78},114,{"file":76,"line":106,"context":78},115,{"file":76,"line":106,"context":78},{"file":76,"line":109,"context":78},122,{"file":76,"line":109,"context":78},{"file":76,"line":109,"context":78},{"file":113,"line":114,"context":78},"public\\css\\wp-smoother-public.php",4,{"file":113,"line":116,"context":78},5,{"file":113,"line":14,"context":78},{"file":113,"line":119,"context":78},7,{"file":121,"line":122,"context":78},"public\\js\\wp-smoother-public.php",69,{"file":121,"line":122,"context":78},{"file":121,"line":125,"context":78},97,[],[128,145],{"entryPoint":129,"graph":130,"unsanitizedCount":114,"severity":144},"\u003Cwp-smoother-public> (public\\css\\wp-smoother-public.php:0)",{"nodes":131,"edges":141},[132,136],{"id":133,"type":134,"label":135,"file":113,"line":114},"n0","source","$_GET['wpsmoother_fade_duration'] (x4)",{"id":137,"type":138,"label":139,"file":113,"line":114,"wp_function":140},"n1","sink","echo() [XSS]","echo",[142],{"from":133,"to":137,"sanitized":143},false,"low",{"entryPoint":146,"graph":147,"unsanitizedCount":166,"severity":144},"\u003Cwp-smoother-public> (public\\js\\wp-smoother-public.php:0)",{"nodes":148,"edges":162},[149,151,152,155,157,160],{"id":133,"type":134,"label":150,"file":121,"line":122},"$_GET['wpsmoother_mouse_distance']",{"id":137,"type":138,"label":139,"file":121,"line":122,"wp_function":140},{"id":153,"type":134,"label":154,"file":121,"line":122},"n2","$_GET['wpsmoother_mouse_speed']",{"id":156,"type":138,"label":139,"file":121,"line":122,"wp_function":140},"n3",{"id":158,"type":134,"label":159,"file":121,"line":125},"n4","$_GET['wpsmoother_anchor_speed']",{"id":161,"type":138,"label":139,"file":121,"line":125,"wp_function":140},"n5",[163,164,165],{"from":133,"to":137,"sanitized":143},{"from":153,"to":156,"sanitized":143},{"from":158,"to":161,"sanitized":143},3,{"summary":168,"deductions":169},"The \"wp-smoother\" v1.1.0 plugin exhibits a generally positive security posture with no recorded vulnerabilities or exploitable attack surface through common WordPress entry points like AJAX, REST API, or shortcodes. The plugin also avoids risky coding practices such as file operations, external HTTP requests, and the use of dangerous functions.  The SQL queries observed are all properly prepared, which is a significant strength.  However, a notable concern arises from the low rate of output escaping (6%), indicating a potential for cross-site scripting (XSS) vulnerabilities if user-supplied data is rendered directly without proper sanitization. The taint analysis also reveals flows with unsanitized paths, which, despite not reaching a critical or high severity in this analysis, warrant attention and suggest a risk of insecure data handling.  The complete absence of nonce and capability checks is concerning, as it means any unauthenticated or improperly authenticated user could potentially trigger plugin functionalities, further exacerbating the risk associated with the poor output escaping and unsanitized paths.  While the lack of vulnerability history is a good sign, the internal code signals suggest that ongoing vigilance and code improvements are necessary to maintain this secure state.",[170,173,175,177],{"reason":171,"points":172},"Low output escaping percentage",8,{"reason":174,"points":14},"Taint flows with unsanitized paths",{"reason":176,"points":116},"No nonce checks",{"reason":178,"points":116},"No capability checks","2026-03-16T20:27:24.280Z",{"wat":181,"direct":194},{"assetPaths":182,"generatorPatterns":187,"scriptPaths":188,"versionParams":189},[183,184,185,186],"\u002Fwp-content\u002Fplugins\u002Fwp-smoother\u002Fadmin\u002Fcss\u002Fwp-smoother-admin.css","\u002Fwp-content\u002Fplugins\u002Fwp-smoother\u002Fadmin\u002Fjs\u002Fwp-smoother-admin.js","\u002Fwp-content\u002Fplugins\u002Fwp-smoother\u002Fpublic\u002Fcss\u002Fwp-smoother-public.css","\u002Fwp-content\u002Fplugins\u002Fwp-smoother\u002Fpublic\u002Fjs\u002Fwp-smoother-public.js",[],[184,186],[190,191,192,193],"wp-smoother-admin.css?ver=","wp-smoother-admin.js?ver=","wp-smoother-public.css?ver=","wp-smoother-public.js?ver=",{"cssClasses":195,"htmlComments":197,"htmlAttributes":199,"restEndpoints":204,"jsGlobals":205,"shortcodeOutput":207},[196],"wp-smoother-fade",[198],"\u003C!-- WP Smoother Settings -->",[200,201,202,203],"data-wpsmoother-fade-duration","data-wpsmoother-mouse-distance","data-wpsmoother-mouse-speed","data-wpsmoother-anchor-speed",[],[206],"wp_smoother_options",[]]