WP-Safety

Alerts DLX – Alert Box, Callout Box, and Notifications Security & Risk Analysis

wordpress.org/plugins/alerts-dlx

Add beautiful tips, warnings, notes, and callout boxes to your WordPress posts and pages in seconds.

70 active installs v2.3.1 PHP 7.2+ WP 5.9+ Updated Dec 13, 2025
alert-boxalertsblocksnotificationsnotify
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Alerts DLX – Alert Box, Callout Box, and Notifications Safe to Use in 2026?

Generally Safe

Score 100/100

Alerts DLX – Alert Box, Callout Box, and Notifications has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago
Risk Assessment

The 'alerts-dlx' v2.3.1 plugin exhibits a strong security posture based on the provided static analysis. The absence of dangerous functions, all SQL queries utilizing prepared statements, and complete output escaping indicate a commitment to secure coding practices. Furthermore, the lack of file operations and external HTTP requests minimizes common attack vectors. The plugin also has a clean vulnerability history with no recorded CVEs, suggesting a stable and well-maintained codebase.

However, a notable concern is the complete absence of nonce checks. While the plugin has a small attack surface and only one entry point (a shortcode), the lack of nonce verification on this entry point could potentially leave it susceptible to Cross-Site Request Forgery (CSRF) attacks. This is a significant oversight, especially given the generally positive security indicators elsewhere.

In conclusion, 'alerts-dlx' v2.3.1 is generally well-secured, with robust handling of SQL and output. The primary weakness lies in the missing nonce checks on its shortcode, which introduces a potential CSRF vulnerability. Addressing this single point of failure would significantly improve its overall security.

Key Concerns

  • Missing nonce checks on entry points
Vulnerabilities
None known

Alerts DLX – Alert Box, Callout Box, and Notifications Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Alerts DLX – Alert Box, Callout Box, and Notifications Release Timeline

v2.3.1Current
v2.3.0
v2.2.3
v2.2.2
v2.2.0
v2.1.2
v2.1.0
v2.0.1
v2.0.0
v1.4.0
v1.3.5
v1.3.1
v1.3.0
v1.2.5
v1.2.1
v1.2.0
v1.1.0
v1.0.6
v1.0.5
v1.0.1
Code Analysis
Analyzed Mar 16, 2026

Alerts DLX – Alert Box, Callout Box, and Notifications Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
124 escaped
Nonce Checks
0
Capability Checks
3
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped124 total outputs
Attack Surface

Alerts DLX – Alert Box, Callout Box, and Notifications Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[alertsdlx] php\Blocks.php:83
WordPress Hooks 18
actionplugins_loadedalerts-dlx.php:88
filteralerts_dlx_the_contentalerts-dlx.php:98
filteralerts_dlx_the_contentalerts-dlx.php:99
filteralerts_dlx_the_contentalerts-dlx.php:100
filteralerts_dlx_the_contentalerts-dlx.php:101
filteralerts_dlx_the_contentalerts-dlx.php:102
filteralerts_dlx_the_contentalerts-dlx.php:103
filteralerts_dlx_the_contentalerts-dlx.php:104
actioninitphp\Blocks.php:22
filterblock_type_metadata_settingsphp\Blocks.php:38
actionenqueue_block_assetsphp\Blocks.php:63
actionenqueue_block_editor_assetsphp\Blocks.php:64
filterblock_categories_allphp\Blocks.php:67
actionwp_footerphp\Blocks.php:307
actionwp_footerphp\Blocks.php:320
actionwp_footerphp\Blocks.php:333
actionwp_footerphp\Blocks.php:346
actionwp_footerphp\Blocks.php:363
Maintenance & Trust

Alerts DLX – Alert Box, Callout Box, and Notifications Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 13, 2025
PHP min version7.2
Downloads4K

Community Trust

Rating100/100
Number of ratings2
Active installs70
Alternatives

Alerts DLX – Alert Box, Callout Box, and Notifications Alternatives

Advanced Notifications

Advanced Notifications

advanced-notifications

A
91

Advanced Notifications allows you to create beautiful custom notifications that appear on pages or posts of your choice.

100 1 CVE
Notice Block

Notice Block

notice-block

A
92

Put Spotlight On News, Announcements & Let The Visitors Find It Easily

100 No CVEs
MaxBoxy: Make WordPress Floating Content, Popup, Alert Bar

MaxBoxy: Make WordPress Floating Content, Popup, Alert Bar

maxboxy

A
100

Make Conversion Boxes, Popups, Floats and Inject Any Content in a WorsPress way!

60 No CVEs
Sales Notifications for WooCommerce – Recent Sales Popup

Sales Notifications for WooCommerce – Recent Sales Popup

wc-live-sale-notifications

A
100

Sales Notifications for WooCommerce - Recent Sales Popup boosts sales by showing recent orders in a popup with customer and product details.

50 No CVEs
Courier Notices

Courier Notices

courier-notices

A
100

Add dismissible and non-dismissible notices throughout your WordPress website with customizable colors, icons, and placement options.

40 No CVEs
Developer Profile

Alerts DLX – Alert Box, Callout Box, and Notifications Developer Profile

Ronald Huereca

12 plugins · 30K total installs

87
trust score
Avg Security Score
98/100
Avg Patch Time
89 days
View full developer profile
Detection Fingerprints

How We Detect Alerts DLX – Alert Box, Callout Box, and Notifications

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/alerts-dlx/build/js/blocks/alerts-dlx-bootstrap.asset.php/wp-content/plugins/alerts-dlx/build/js/blocks/alerts-dlx-chakra.asset.php/wp-content/plugins/alerts-dlx/build/js/blocks/alerts-dlx-material.asset.php/wp-content/plugins/alerts-dlx/build/js/blocks/alerts-dlx-shoelace.asset.php/wp-content/plugins/alerts-dlx/build/blocks-manifest.php/wp-content/plugins/alerts-dlx/assets/css/alerts-dlx-block-editor-styles.css/wp-content/plugins/alerts-dlx/assets/css/alerts-dlx-bootstrap-styles.css/wp-content/plugins/alerts-dlx/assets/css/alerts-dlx-chakra-styles.css+7 more
Script Paths
/wp-content/plugins/alerts-dlx/assets/js/editor.js/wp-content/plugins/alerts-dlx/assets/js/frontend.js/wp-content/plugins/alerts-dlx/assets/js/lato.js
Version Parameters
alerts-dlx/build/js/blocks/alerts-dlx-bootstrap.asset.php?ver=alerts-dlx/build/js/blocks/alerts-dlx-chakra.asset.php?ver=alerts-dlx/build/js/blocks/alerts-dlx-material.asset.php?ver=alerts-dlx/build/js/blocks/alerts-dlx-shoelace.asset.php?ver=alerts-dlx/build/blocks-manifest.php?ver=alerts-dlx/assets/css/alerts-dlx-block-editor-styles.css?ver=alerts-dlx/assets/css/alerts-dlx-bootstrap-styles.css?ver=alerts-dlx/assets/css/alerts-dlx-chakra-styles.css?ver=alerts-dlx/assets/css/alerts-dlx-material-styles.css?ver=alerts-dlx/assets/css/alerts-dlx-shoelace-styles.css?ver=alerts-dlx/assets/js/editor.asset.php?ver=alerts-dlx/assets/js/frontend.asset.php?ver=alerts-dlx/assets/js/editor.js?ver=alerts-dlx/assets/js/frontend.js?ver=alerts-dlx/assets/js/lato.js?ver=

HTML / DOM Fingerprints

CSS Classes
wp-block-mediaron-alerts-dlx-bootstrapwp-block-mediaron-alerts-dlx-chakrawp-block-mediaron-alerts-dlx-materialwp-block-mediaron-alerts-dlx-shoelacealerts-dlx-alert-wrapper
Data Attributes
data-alert-groupdata-alert-typedata-variantdata-modedata-icon-appearancedata-close-button-enabled+2 more
JS Globals
alerts_dlx_i18n
Shortcode Output
[alertsdlx alert_group="bootstrap" alert_type="success" alert_title="Example Title" alert_description="This is an example alert."][alertsdlx alert_group="chakra" alert_type="info" alert_title="Another Alert" alert_description="More information here."][alertsdlx alert_group="material" alert_type="warning" alert_title="Warning!" alert_description="Something might be wrong."][alertsdlx alert_group="shoelace" alert_type="error" alert_title="Error" alert_description="An error occurred."]
FAQ

Frequently Asked Questions about Alerts DLX – Alert Box, Callout Box, and Notifications