WP-Safety

Alerts DLX – Alert Box, Callout Box, and Notifications Security & Risk Analysis

wordpress.org/plugins/alerts-dlx

Add beautiful tips, warnings, notes, and callout boxes to your WordPress posts and pages in seconds.

60 active installs v2.3.1 PHP 7.2+ WP 5.9+ Updated Dec 13, 2025
alert-boxalertsblocksnotificationsnotify
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Alerts DLX – Alert Box, Callout Box, and Notifications Safe to Use in 2026?

Generally Safe

Score 100/100

Alerts DLX – Alert Box, Callout Box, and Notifications has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The 'alerts-dlx' v2.3.1 plugin exhibits a strong security posture based on the provided static analysis. The absence of dangerous functions, all SQL queries utilizing prepared statements, and complete output escaping indicate a commitment to secure coding practices. Furthermore, the lack of file operations and external HTTP requests minimizes common attack vectors. The plugin also has a clean vulnerability history with no recorded CVEs, suggesting a stable and well-maintained codebase.

However, a notable concern is the complete absence of nonce checks. While the plugin has a small attack surface and only one entry point (a shortcode), the lack of nonce verification on this entry point could potentially leave it susceptible to Cross-Site Request Forgery (CSRF) attacks. This is a significant oversight, especially given the generally positive security indicators elsewhere.

In conclusion, 'alerts-dlx' v2.3.1 is generally well-secured, with robust handling of SQL and output. The primary weakness lies in the missing nonce checks on its shortcode, which introduces a potential CSRF vulnerability. Addressing this single point of failure would significantly improve its overall security.

Key Concerns

  • Missing nonce checks on entry points
Vulnerabilities
None known

Alerts DLX – Alert Box, Callout Box, and Notifications Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Alerts DLX – Alert Box, Callout Box, and Notifications Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
124 escaped
Nonce Checks
0
Capability Checks
3
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped124 total outputs
Attack Surface

Alerts DLX – Alert Box, Callout Box, and Notifications Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[alertsdlx] php\Blocks.php:83
WordPress Hooks 18
actionplugins_loadedalerts-dlx.php:88
filteralerts_dlx_the_contentalerts-dlx.php:98
filteralerts_dlx_the_contentalerts-dlx.php:99
filteralerts_dlx_the_contentalerts-dlx.php:100
filteralerts_dlx_the_contentalerts-dlx.php:101
filteralerts_dlx_the_contentalerts-dlx.php:102
filteralerts_dlx_the_contentalerts-dlx.php:103
filteralerts_dlx_the_contentalerts-dlx.php:104
actioninitphp\Blocks.php:22
filterblock_type_metadata_settingsphp\Blocks.php:38
actionenqueue_block_assetsphp\Blocks.php:63
actionenqueue_block_editor_assetsphp\Blocks.php:64
filterblock_categories_allphp\Blocks.php:67
actionwp_footerphp\Blocks.php:307
actionwp_footerphp\Blocks.php:320
actionwp_footerphp\Blocks.php:333
actionwp_footerphp\Blocks.php:346
actionwp_footerphp\Blocks.php:363
Maintenance & Trust

Alerts DLX – Alert Box, Callout Box, and Notifications Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 13, 2025
PHP min version7.2
Downloads4K

Community Trust

Rating100/100
Number of ratings2
Active installs60
Alternatives

Alerts DLX – Alert Box, Callout Box, and Notifications Alternatives

Advanced Notifications

Advanced Notifications

advanced-notifications

A
91

Advanced Notifications allows you to create beautiful custom notifications that appear on pages or posts of your choice.

100 1 CVE
Notice Block

Notice Block

notice-block

A
92

Put Spotlight On News, Announcements & Let The Visitors Find It Easily

100 No CVEs
MaxBoxy: Make WordPress Floating Content, Popup, Alert Bar

MaxBoxy: Make WordPress Floating Content, Popup, Alert Bar

maxboxy

A
100

Make Conversion Boxes, Popups, Floats and Inject Any Content in a WorsPress way!

50 No CVEs
Sales Notifications for WooCommerce – Recent Sales Popup

Sales Notifications for WooCommerce – Recent Sales Popup

wc-live-sale-notifications

A
100

Sales Notifications for WooCommerce - Recent Sales Popup boosts sales by showing recent orders in a popup with customer and product details.

50 No CVEs
Courier Notices

Courier Notices

courier-notices

A
100

Add dismissible and non-dismissible notices throughout your WordPress website with customizable colors, icons, and placement options.

40 No CVEs
Developer Profile

Alerts DLX – Alert Box, Callout Box, and Notifications Developer Profile

Ronald Huereca

11 plugins · 29K total installs

78
trust score
Avg Security Score
99/100
Avg Patch Time
93 days
View full developer profile
Detection Fingerprints

How We Detect Alerts DLX – Alert Box, Callout Box, and Notifications

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/alerts-dlx/build/js/blocks/alerts-dlx-bootstrap.asset.php/wp-content/plugins/alerts-dlx/build/js/blocks/alerts-dlx-chakra.asset.php/wp-content/plugins/alerts-dlx/build/js/blocks/alerts-dlx-material.asset.php/wp-content/plugins/alerts-dlx/build/js/blocks/alerts-dlx-shoelace.asset.php/wp-content/plugins/alerts-dlx/build/blocks-manifest.php/wp-content/plugins/alerts-dlx/assets/css/alerts-dlx-block-editor-styles.css/wp-content/plugins/alerts-dlx/assets/css/alerts-dlx-bootstrap-styles.css/wp-content/plugins/alerts-dlx/assets/css/alerts-dlx-chakra-styles.css+7 more
Script Paths
/wp-content/plugins/alerts-dlx/assets/js/editor.js/wp-content/plugins/alerts-dlx/assets/js/frontend.js/wp-content/plugins/alerts-dlx/assets/js/lato.js
Version Parameters
alerts-dlx/build/js/blocks/alerts-dlx-bootstrap.asset.php?ver=alerts-dlx/build/js/blocks/alerts-dlx-chakra.asset.php?ver=alerts-dlx/build/js/blocks/alerts-dlx-material.asset.php?ver=alerts-dlx/build/js/blocks/alerts-dlx-shoelace.asset.php?ver=alerts-dlx/build/blocks-manifest.php?ver=alerts-dlx/assets/css/alerts-dlx-block-editor-styles.css?ver=alerts-dlx/assets/css/alerts-dlx-bootstrap-styles.css?ver=alerts-dlx/assets/css/alerts-dlx-chakra-styles.css?ver=alerts-dlx/assets/css/alerts-dlx-material-styles.css?ver=alerts-dlx/assets/css/alerts-dlx-shoelace-styles.css?ver=alerts-dlx/assets/js/editor.asset.php?ver=alerts-dlx/assets/js/frontend.asset.php?ver=alerts-dlx/assets/js/editor.js?ver=alerts-dlx/assets/js/frontend.js?ver=alerts-dlx/assets/js/lato.js?ver=

HTML / DOM Fingerprints

CSS Classes
wp-block-mediaron-alerts-dlx-bootstrapwp-block-mediaron-alerts-dlx-chakrawp-block-mediaron-alerts-dlx-materialwp-block-mediaron-alerts-dlx-shoelacealerts-dlx-alert-wrapper
Data Attributes
data-alert-groupdata-alert-typedata-variantdata-modedata-icon-appearancedata-close-button-enabled+2 more
JS Globals
alerts_dlx_i18n
Shortcode Output
[alertsdlx alert_group="bootstrap" alert_type="success" alert_title="Example Title" alert_description="This is an example alert."][alertsdlx alert_group="chakra" alert_type="info" alert_title="Another Alert" alert_description="More information here."][alertsdlx alert_group="material" alert_type="warning" alert_title="Warning!" alert_description="Something might be wrong."][alertsdlx alert_group="shoelace" alert_type="error" alert_title="Error" alert_description="An error occurred."]
FAQ

Frequently Asked Questions about Alerts DLX – Alert Box, Callout Box, and Notifications