Does Boxtal – Shipping solution have any unpatched vulnerabilities?

No. All known vulnerabilities in Boxtal – Shipping solution have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Boxtal – Shipping solution compatible with WordPress 6.8.5?

According to WordPress.org data, Boxtal – Shipping solution 1.3.11 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Boxtal – Shipping solution compatible with PHP 5.6.0+?

Boxtal – Shipping solution requires PHP 5.6.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Boxtal – Shipping solution updated?

Boxtal – Shipping solution was last updated on Dec 23, 2025. Frequent updates are generally a positive security signal.

What is Boxtal – Shipping solution's security score?

Boxtal – Shipping solution has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Boxtal – Shipping solution Security & Risk Analysis

wordpress.org/plugins/boxtal-connect

Negotiated rates for all types of shipping (home, relay, express, lockers, etc.). No subscription, no hidden fees.

9K active installs v1.3.11 PHP 5.6.0+ WP 4.6+ Updated Dec 23, 2025

chronopostdeliverymondial-relayparcel-pointshipping

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Boxtal – Shipping solution Safe to Use in 2026?

Generally Safe

Score 100/100

Boxtal – Shipping solution has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The boxtal-connect plugin v1.3.11 demonstrates a generally good security posture, with a high percentage of properly escaped output and the majority of SQL queries utilizing prepared statements. The absence of critical or high-severity vulnerabilities in its history, along with no recorded past vulnerabilities, suggests a developer focus on security. The plugin also exhibits a good number of nonce checks, further strengthening its defenses.

However, there are specific areas of concern that warrant attention. The presence of two AJAX handlers without authentication checks creates a potential attack vector. While taint analysis shows no issues, the lack of capability checks is a notable weakness, especially when combined with the unprotected AJAX endpoints. This could allow unauthenticated or low-privileged users to trigger sensitive actions if the AJAX handlers themselves perform risky operations.

In conclusion, boxtal-connect v1.3.11 has strengths in its output escaping, prepared SQL statements, and lack of historical vulnerabilities. The main weaknesses lie in the unprotected AJAX handlers and the absence of capability checks, which present a moderate risk that should be addressed to ensure a more robust security profile.

Key Concerns

AJAX handlers without authentication checks
No capability checks on entry points

Vulnerabilities

None known

Boxtal – Shipping solution Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Boxtal – Shipping solution Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

37 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

67% prepared6 total queries

Output Escaping

95% escaped39 total outputs

Attack Surface

2 unprotected

Boxtal – Shipping solution Attack Surface

Entry Points18

Unprotected2

AJAX Handlers 11

authwp_ajax_bw_hide_noticeBoxtal\BoxtalConnectWoocommerce\notice\class-notice-controller.php:136

authwp_ajax_bw_pairing_update_validateBoxtal\BoxtalConnectWoocommerce\notice\class-notice-controller.php:142

authwp_ajax_bw_add_rate_lineBoxtal\BoxtalConnectWoocommerce\shipping-method\class-controller.php:88

authwp_ajax_bw_get_pointsBoxtal\BoxtalConnectWoocommerce\shipping-method\parcel-point\class-controller.php:58

authwp_ajax_bw_set_pointBoxtal\BoxtalConnectWoocommerce\shipping-method\parcel-point\class-controller.php:59

authwp_ajax_bw_get_map_urlBoxtal\BoxtalConnectWoocommerce\shipping-method\parcel-point\class-controller.php:60

authwp_ajax_bw_get_shipping_method_extra_labelBoxtal\BoxtalConnectWoocommerce\shipping-method\parcel-point\class-controller.php:61

noprivwp_ajax_bw_get_pointsBoxtal\BoxtalConnectWoocommerce\shipping-method\parcel-point\class-controller.php:62

noprivwp_ajax_bw_set_pointBoxtal\BoxtalConnectWoocommerce\shipping-method\parcel-point\class-controller.php:63

noprivwp_ajax_bw_get_map_urlBoxtal\BoxtalConnectWoocommerce\shipping-method\parcel-point\class-controller.php:64

noprivwp_ajax_bw_get_shipping_method_extra_labelBoxtal\BoxtalConnectWoocommerce\shipping-method\parcel-point\class-controller.php:65

REST API Routes 7

POST/wp-json/boxtal-connect/v1/orderBoxtal\BoxtalConnectWoocommerce\rest-controller\class-order.php:35

POST/wp-json/boxtal-connect/v1/order/(?P<order_id>[\d]+)/shippedBoxtal\BoxtalConnectWoocommerce\rest-controller\class-order.php:50

POST/wp-json/boxtal-connect/v1/order/(?P<order_id>[\d]+)/deliveredBoxtal\BoxtalConnectWoocommerce\rest-controller\class-order.php:65

POST/wp-json/boxtal-connect/v1shop/pairBoxtal\BoxtalConnectWoocommerce\rest-controller\class-shop.php:33

POST/wp-json/boxtal-connect/v1shop/update-configurationBoxtal\BoxtalConnectWoocommerce\rest-controller\class-shop.php:48

POST/wp-json/boxtal-connect/v1shop/delete-configurationBoxtal\BoxtalConnectWoocommerce\rest-controller\class-shop.php:63

POST/wp-json/boxtal-connect/v1shop/get-configurationBoxtal\BoxtalConnectWoocommerce\rest-controller\class-shop.php:78

WordPress Hooks 50

filterwoocommerce_shipping_methodsBoxtal\BoxtalConnectWoocommerce\class-plugin.php:163

actionboxtal_connect_get_parcelpointBoxtal\BoxtalConnectWoocommerce\init\class-api-action.php:51

actionboxtal_connect_print_parcelpointBoxtal\BoxtalConnectWoocommerce\init\class-api-action.php:52

actionboxtal_connect_get_trackingBoxtal\BoxtalConnectWoocommerce\init\class-api-action.php:53

actionboxtal_connect_print_tracking_numberBoxtal\BoxtalConnectWoocommerce\init\class-api-action.php:54

actionadmin_enqueue_scriptsBoxtal\BoxtalConnectWoocommerce\init\class-component.php:48

actionadmin_enqueue_scriptsBoxtal\BoxtalConnectWoocommerce\init\class-component.php:49

actionadmin_initBoxtal\BoxtalConnectWoocommerce\notice\class-notice-controller.php:116

actionadmin_enqueue_scriptsBoxtal\BoxtalConnectWoocommerce\notice\class-notice-controller.php:134

actionadmin_enqueue_scriptsBoxtal\BoxtalConnectWoocommerce\notice\class-notice-controller.php:135

actionadmin_noticesBoxtal\BoxtalConnectWoocommerce\notice\class-notice-controller.php:139

actionadmin_enqueue_scriptsBoxtal\BoxtalConnectWoocommerce\order\class-admin-order-page.php:73

filteradd_meta_boxes_shop_orderBoxtal\BoxtalConnectWoocommerce\order\class-admin-order-page.php:74

filteradd_meta_boxes_woocommerce_page_wc-ordersBoxtal\BoxtalConnectWoocommerce\order\class-admin-order-page.php:75

filteradd_meta_boxes_shop_orderBoxtal\BoxtalConnectWoocommerce\order\class-admin-order-page.php:76

filteradd_meta_boxes_woocommerce_page_wc-ordersBoxtal\BoxtalConnectWoocommerce\order\class-admin-order-page.php:77

filterwoocommerce_admin_order_preview_get_order_detailsBoxtal\BoxtalConnectWoocommerce\order\class-admin-order-page.php:78

filterwoocommerce_admin_order_preview_endBoxtal\BoxtalConnectWoocommerce\order\class-admin-order-page.php:79

filterwoocommerce_order_details_after_order_tableBoxtal\BoxtalConnectWoocommerce\order\class-front-order-page.php:51

filterwoocommerce_order_details_after_order_tableBoxtal\BoxtalConnectWoocommerce\order\class-front-order-page.php:52

actionrest_api_initBoxtal\BoxtalConnectWoocommerce\rest-controller\class-order.php:32

actionrest_api_initBoxtal\BoxtalConnectWoocommerce\rest-controller\class-order.php:47

actionrest_api_initBoxtal\BoxtalConnectWoocommerce\rest-controller\class-order.php:62

actionrest_api_initBoxtal\BoxtalConnectWoocommerce\rest-controller\class-shop.php:30

actionrest_api_initBoxtal\BoxtalConnectWoocommerce\rest-controller\class-shop.php:45

actionrest_api_initBoxtal\BoxtalConnectWoocommerce\rest-controller\class-shop.php:60

actionrest_api_initBoxtal\BoxtalConnectWoocommerce\rest-controller\class-shop.php:75

actionadmin_menuBoxtal\BoxtalConnectWoocommerce\settings\class-page.php:67

actionadmin_initBoxtal\BoxtalConnectWoocommerce\settings\class-page.php:68

actionadmin_enqueue_scriptsBoxtal\BoxtalConnectWoocommerce\shipping-method\class-controller.php:85

actionadmin_enqueue_scriptsBoxtal\BoxtalConnectWoocommerce\shipping-method\class-controller.php:86

actionadmin_enqueue_scriptsBoxtal\BoxtalConnectWoocommerce\shipping-method\class-settings-override.php:61

filterwoocommerce_shipping_methodsBoxtal\BoxtalConnectWoocommerce\shipping-method\class-settings-override.php:62

actionwoocommerce_checkout_create_subscription_shipping_itemBoxtal\BoxtalConnectWoocommerce\shipping-method\parcel-point\class-checkout.php:29

actionwoocommerce_checkout_order_processedBoxtal\BoxtalConnectWoocommerce\shipping-method\parcel-point\class-checkout.php:31

actionwoocommerce_store_api_checkout_order_processedBoxtal\BoxtalConnectWoocommerce\shipping-method\parcel-point\class-checkout.php:33

actionwoocommerce_blocks_cart_block_registrationBoxtal\BoxtalConnectWoocommerce\shipping-method\parcel-point\class-controller.php:68

actionwoocommerce_after_shipping_calculatorBoxtal\BoxtalConnectWoocommerce\shipping-method\parcel-point\class-controller.php:70

actionwp_enqueue_scriptsBoxtal\BoxtalConnectWoocommerce\shipping-method\parcel-point\class-controller.php:71

actionwoocommerce_blocks_checkout_block_registrationBoxtal\BoxtalConnectWoocommerce\shipping-method\parcel-point\class-controller.php:75

actionwoocommerce_after_checkout_formBoxtal\BoxtalConnectWoocommerce\shipping-method\parcel-point\class-controller.php:77

actionwp_enqueue_scriptsBoxtal\BoxtalConnectWoocommerce\shipping-method\parcel-point\class-controller.php:78

actionwoocommerce_after_shipping_rateBoxtal\BoxtalConnectWoocommerce\shipping-method\parcel-point\class-render.php:28

filteradd_meta_boxes_shop_subscriptionBoxtal\BoxtalConnectWoocommerce\subscription\class-admin-subscription-page.php:60

actionadd_meta_boxesBoxtal\BoxtalConnectWoocommerce\subscription\class-admin-subscription-page.php:61

filterwoocommerce_subscription_details_after_subscription_tableBoxtal\BoxtalConnectWoocommerce\subscription\class-front-subscription-page.php:51

actionbefore_woocommerce_initboxtal-connect.php:32

actionplugins_loadedboxtal-connect.php:34

actionwpmu_new_blogboxtal-connect.php:36

actionwpmu_drop_tablesboxtal-connect.php:38

Maintenance & Trust

Boxtal – Shipping solution Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedDec 23, 2025

PHP min version5.6.0

Downloads227K

Community Trust

Rating80/100

Number of ratings45

Active installs9K

Alternatives

Boxtal – Shipping solution Alternatives

La Poste Pro Expéditions WooCommerce

la-poste-pro-expeditions-woocommerce

100

Manage your ecommerce shipments. No subscription, no hidden fees.

1K No CVEs

Claudio Sanches – Correios for WooCommerce

woocommerce-correios

Integration between the Correios and WooCommerce

30K No CVEs

Packlink PRO for WooCommerce

packlink-pro-shipping

Elevate your store with Packlink PRO —the ultimate free shipping solution offering discounted rates from 350+ carriers instantly.

10K 1 CVE

Shiprocket

shiprocket

Auto Sync your Woocommerce store orders & ship them at lowest shipping rates. Automate your shipping, save time & money.

10K 1 unpatched

MyParcel

woocommerce-myparcel

Export your WooCommerce orders to MyParcel (www.myparcel.nl) and print labels directly from the WooCommerce admin

9K 1 CVE

Developer Profile

Boxtal – Shipping solution Developer Profile

boxtal

1 plugin · 9K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Boxtal – Shipping solution

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/boxtal-connect/Boxtal/BoxtalConnectWoocommerce/assets/js/component.min.js/wp-content/plugins/boxtal-connect/Boxtal/BoxtalConnectWoocommerce/assets/css/component.css/wp-content/plugins/boxtal-connect/Boxtal/BoxtalConnectWoocommerce/assets/js/polyfills.min.js/wp-content/plugins/boxtal-connect/Boxtal/BoxtalConnectWoocommerce/assets/js/notices.min.js/wp-content/plugins/boxtal-connect/Boxtal/BoxtalConnectWoocommerce/assets/css/notices.css

Version Parameters

boxtal-connect/Boxtal/BoxtalConnectWoocommerce/assets/js/component.min.js?ver=boxtal-connect/Boxtal/BoxtalConnectWoocommerce/assets/css/component.css?ver=boxtal-connect/Boxtal/BoxtalConnectWoocommerce/assets/js/polyfills.min.js?ver=boxtal-connect/Boxtal/BoxtalConnectWoocommerce/assets/js/notices.min.js?ver=boxtal-connect/Boxtal/BoxtalConnectWoocommerce/assets/css/notices.css?ver=

HTML / DOM Fingerprints

CSS Classes

bw-notice-updatebw-notice-setup-wizardbw-notice-configuration-failurebw-notice-pairingbw-notice-pairing-updatebw-notice-custombw-notice-environment-warningbw-notice-wrapper

Data Attributes

data-bw_hide_notice

JS Globals

bwData

FAQ