Boxyfy – Ultimate Affiliate Tool: Product Boxes, Price Alerts, Heatmap and AI Security & Risk Analysis

wordpress.org/plugins/boxyfy

Build engaging product pages with dynamic rankings, product boxes, comparison tables, price charts, and real-time Amazon data retrieval.

0 active installs v1.3.12.2 PHP 7.4+ WP 5.0+ Updated May 30, 2025
affiliate-marketing, affiliate-plugin, amazon-affiliate, product-comparison, product-reviews
100
A · Safe
CVEs total 0
Unpatched 0
Last CVE Never
Safety Verdict

Is Boxyfy – Ultimate Affiliate Tool: Product Boxes, Price Alerts, Heatmap and AI Safe to Use in 2026?

Generally Safe

Score 100/100

Boxyfy – Ultimate Affiliate Tool: Product Boxes, Price Alerts, Heatmap and AI has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago
Risk Assessment

The static analysis of "boxyfy" v1.3.12.2 reveals a generally strong security posture. The plugin implements nonce checks and capability checks for its entry points: all 16 AJAX handlers are reported as protected, and it registers no REST API routes. SQL query usage is also commendable, with 85% of queries employing prepared statements, and a high percentage of escaped output further reduces the risk of common web vulnerabilities. Taint analysis produced no critical or high severity findings, and together with the absence of recorded CVEs this suggests a well-maintained and secure codebase.

However, there are minor areas for improvement. While the total number of entry points is moderate, the presence of 16 AJAX handlers, even with auth checks, represents a notable attack surface. The 13 external HTTP requests, while not inherently insecure, do introduce a dependency on external services that could be a potential vector for supply chain attacks if those services are compromised. The fact that 15% of SQL queries are not prepared, while not a critical finding in itself given the low overall number, still represents a potential risk if those queries involve user-supplied input.

In conclusion, "boxyfy" v1.3.12.2 appears to be a secure plugin with a solid security foundation. The lack of historical vulnerabilities and the positive findings in static analysis are strong indicators of a responsible development process. The minor concerns identified are not critical but highlight opportunities for further hardening, such as ensuring 100% prepared statements for all SQL queries and a continued focus on minimizing the attack surface.

Key Concerns

  • 15% of SQL queries not using prepared statements
  • 13 external HTTP requests
Vulnerabilities
None known

Boxyfy – Ultimate Affiliate Tool: Product Boxes, Price Alerts, Heatmap and AI Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Boxyfy – Ultimate Affiliate Tool: Product Boxes, Price Alerts, Heatmap and AI Code Analysis

Dangerous Functions 0
Raw SQL Queries 4 (22 prepared)
Unescaped Output 127 (1135 escaped)
Nonce Checks 36
Capability Checks 15
File Operations 0
External Requests 13
Bundled Libraries 0

SQL Query Safety

85% prepared · 26 total queries

Output Escaping

90% escaped · 1262 total outputs
Data Flows
All sanitized

Data Flow Analysis

14 flows
boxyfy_render_authors_page (admin\autoren-profile.php:42)
Attack Surface

Boxyfy – Ultimate Affiliate Tool: Product Boxes, Price Alerts, Heatmap and AI Attack Surface

Entry Points 24
Unprotected 0

AJAX Handlers 16

auth wp_ajax_boxyfy_record_click admin\heatmap-function.php:216
nopriv wp_ajax_boxyfy_record_click admin\heatmap-function.php:217
auth wp_ajax_boxyfy_get_single_heatmap_data admin\heatmap-function.php:246
auth wp_ajax_boxyfy_delete_heatmap_data admin\heatmap-function.php:274
auth wp_ajax_update_product_rankings admin\metabox_produkt_ranking.php:189
auth wp_ajax_update_product_rating admin\metabox_produkt_ranking.php:343
auth wp_ajax_remove_product_ranking admin\metabox_produkt_ranking.php:374
auth wp_ajax_boxyfy_ai_generate_questions admin\single-produkt-shortcode.php:412
nopriv wp_ajax_boxyfy_ai_generate_questions admin\single-produkt-shortcode.php:413
auth wp_ajax_boxyfy_ai_ask_question admin\single-produkt-shortcode.php:446
nopriv wp_ajax_boxyfy_ai_ask_question admin\single-produkt-shortcode.php:447
auth wp_ajax_boxyfy_fetch_amazon_image admin\singleproduktimages.php:81
auth wp_ajax_boxyfy_fetch_amazon_data admin\singleproduktpreis.php:185
auth wp_ajax_boxyfy_remove_amazon_image admin\singleproduktpreis.php:229
auth wp_ajax_delete_old_data boxyfy.php:764
auth wp_ajax_boxyfy_manual_update boxyfy.php:782

Shortcodes 8

[boxyfy_preiswecker] admin\preistracker-single.php:586
[boxyfy_produktbox] admin\single-produkt-shortcode.php:407
[boxyfy_produkte_vergleich] boxyfy.php:963
[boxyfy_amazon_table] includes\amazon-shortcodes\amazon-bestseller-table.php:333
[boxyfy_amazon_liste] includes\amazon-shortcodes\amazon-bestseller-table2.php:321
[boxyfy_amazon_productbox] includes\amazon-shortcodes\amazon-produktbox-simple.php:245
[boxyfy_amazon_products_slider] includes\amazon-shortcodes\amazon-produktbox-slider.php:213
[boxyfy_amazon_productbox_small] includes\amazon-shortcodes\amazon-produktbox-small.php:371
WordPress Hooks 121
action admin_menu admin\autoren-profile.php:37
action add_meta_boxes admin\autoren-profile.php:367
action save_post admin\autoren-profile.php:430
filter the_content admin\autoren-profile.php:474
action admin_init admin\backend_setting_pages.php:44
action admin_post_boxyfy_clear_cache admin\backend_setting_pages.php:87
action admin_post_update admin\backend_setting_pages.php:483
action save_post admin\boxyfy_metabox_produktbewertung.php:110
action admin_menu admin\heatmap-function.php:21
action admin_enqueue_scripts admin\heatmap-function.php:42
action boxyfy_daily_license_check admin\license-functions.php:37
action admin_notices admin\license-functions.php:232
action admin_notices admin\license-functions.php:254
action admin_init admin\license-functions.php:355
action update_option_boxyfy_license_key admin\license-functions.php:409
action save_post_boxyfy_tsprodukte admin\metabox_productdetails_list.php:109
action save_post admin\metabox_products_star_rating.php:140
action save_post admin\metabox_produktlabels.php:118
action admin_enqueue_scripts admin\metabox_produkt_ranking.php:19
action add_meta_boxes admin\metabox_produkt_ranking.php:82
action save_post_boxyfy_tsprodukte admin\metabox_produkt_ranking.php:235
action before_delete_post admin\metabox_produkt_ranking.php:301
action save_post admin\metabox_vorteile_nachteile.php:166
action save_post admin\metabox_weitere_bilder.php:77
action admin_enqueue_scripts admin\metabox_weitere_bilder.php:90
action save_post admin\metabox_weitere_preise.php:165
action admin_init admin\preistracker-single.php:88
filter cron_schedules admin\preistracker-single.php:100
action boxyfy_productpage_preiswecker_update admin\preistracker-single.php:108
filter cron_schedules admin\singleproduktpreis.php:49
action init admin\singleproduktpreis.php:75
action boxyfy_cron_update_amazon_prices admin\singleproduktpreis.php:110
action add_meta_boxes admin\singleproduktpreis.php:182
action plugins_loaded boxyfy.php:20
action admin_notices boxyfy.php:70
action admin_notices boxyfy.php:113
action admin_notices boxyfy.php:125
action admin_notices boxyfy.php:185
action admin_notices boxyfy.php:243
action init boxyfy.php:323
action init boxyfy.php:354
action admin_menu boxyfy.php:374
action admin_menu boxyfy.php:389
action admin_menu boxyfy.php:508
action add_meta_boxes boxyfy.php:526
action add_meta_boxes boxyfy.php:543
action admin_menu boxyfy.php:558
action admin_init boxyfy.php:716
action add_meta_boxes boxyfy.php:807
action add_meta_boxes boxyfy.php:831
action add_meta_boxes boxyfy.php:845
action add_meta_boxes boxyfy.php:862
action add_meta_boxes boxyfy.php:878
filter template_include boxyfy.php:896
action add_meta_boxes boxyfy.php:913
action add_meta_boxes boxyfy.php:987
action admin_menu boxyfy.php:1005
action admin_menu boxyfy.php:1013
action admin_init boxyfy.php:1021
action admin_menu boxyfy.php:1049
action init includes\amazon-shortcodes\amazon-produktbox-small.php:33
filter cron_schedules includes\amazon-shortcodes\amazon-produktbox-small.php:86
action boxyfy_amazon_smallproductbox_preiswecker_update includes\amazon-shortcodes\amazon-produktbox-small.php:109
action admin_enqueue_scripts includes\enqueue-scripts.php:17
action wp_enqueue_scripts includes\enqueue-scripts.php:69
action wp_enqueue_scripts includes\enqueue-scripts.php:129
action admin_enqueue_scripts includes\enqueue-scripts.php:151
action admin_enqueue_scripts includes\enqueue-scripts.php:172
action wp_enqueue_scripts includes\enqueue-scripts.php:186
action wp_enqueue_scripts includes\enqueue-scripts.php:210
filter the_posts includes\enqueue-scripts.php:236
action wp_enqueue_scripts includes\enqueue-scripts.php:265
action admin_enqueue_scripts includes\enqueue-scripts.php:289
action admin_enqueue_scripts includes\enqueue-scripts.php:316
action wp_enqueue_scripts includes\enqueue-scripts.php:330
action wp_enqueue_scripts includes\enqueue-scripts.php:344
action admin_enqueue_scripts includes\enqueue-scripts.php:364
action wp_enqueue_scripts includes\enqueue-scripts.php:380
action admin_enqueue_scripts includes\enqueue-scripts.php:411
action admin_enqueue_scripts includes\enqueue-scripts.php:451
action wp_enqueue_scripts includes\enqueue-scripts.php:484
action wp_enqueue_scripts includes\enqueue-scripts.php:499
filter the_posts includes\enqueue-scripts.php:505
action admin_enqueue_scripts includes\enqueue-scripts.php:544
action admin_enqueue_scripts includes\enqueue-scripts.php:562
filter the_posts includes\enqueue-scripts.php:588
action admin_enqueue_scripts includes\enqueue-styles.php:24
action wp_enqueue_scripts includes\enqueue-styles.php:25
action admin_enqueue_scripts includes\enqueue-styles.php:47
action admin_enqueue_scripts includes\enqueue-styles.php:64
action admin_enqueue_scripts includes\enqueue-styles.php:85
action admin_enqueue_scripts includes\enqueue-styles.php:104
action admin_enqueue_scripts includes\enqueue-styles.php:123
action admin_enqueue_scripts includes\enqueue-styles.php:142
action admin_enqueue_scripts includes\enqueue-styles.php:172
action admin_menu includes\enqueue-styles.php:192
action admin_enqueue_scripts includes\enqueue-styles.php:210
action admin_enqueue_scripts includes\enqueue-styles.php:230
action admin_enqueue_scripts includes\enqueue-styles.php:249
action admin_enqueue_scripts includes\enqueue-styles.php:270
action admin_enqueue_scripts includes\enqueue-styles.php:291
action admin_enqueue_scripts includes\enqueue-styles.php:312
action admin_enqueue_scripts includes\enqueue-styles.php:329
action admin_enqueue_scripts includes\enqueue-styles.php:336
action wp_enqueue_scripts includes\enqueue-styles.php:367
action admin_enqueue_scripts includes\enqueue-styles.php:368
action wp_enqueue_scripts includes\enqueue-styles.php:439
action wp_enqueue_scripts includes\enqueue-styles.php:452
filter the_posts includes\enqueue-styles.php:459
action wp_enqueue_scripts includes\enqueue-styles.php:494
filter the_posts includes\enqueue-styles.php:524
action wp_enqueue_scripts includes\enqueue-styles.php:568
action wp_enqueue_scripts includes\enqueue-styles.php:628
action wp_enqueue_scripts includes\enqueue-styles.php:682
action wp_enqueue_scripts includes\enqueue-styles.php:796
action wp_enqueue_scripts includes\enqueue-styles.php:840
action wp_enqueue_scripts includes\enqueue-styles.php:919
filter the_posts includes\enqueue-styles.php:925
action wp_enqueue_scripts includes\enqueue-styles.php:1040
filter the_posts includes\enqueue-styles.php:1047
action wp_enqueue_scripts includes\enqueue-styles.php:1053

Scheduled Events 5

boxyfy_daily_license_check
boxyfy_daily_license_check
boxyfy_productpage_preiswecker_update
boxyfy_amazon_smallproductbox_preiswecker_update
boxyfy_amazon_smallproductbox_preiswecker_update
Maintenance & Trust

Boxyfy – Ultimate Affiliate Tool: Product Boxes, Price Alerts, Heatmap and AI Maintenance & Trust

Maintenance Signals

WordPress version tested 6.8.5
Last updated May 30, 2025
PHP min version 7.4
Downloads 870

Community Trust

Rating 0/100
Number of ratings 0
Active installs 0
Developer Profile

Boxyfy – Ultimate Affiliate Tool: Product Boxes, Price Alerts, Heatmap and AI Developer Profile

boxyfyofficial

1 plugin · 0 total installs

94 trust score
Avg Security Score 100/100
Avg Patch Time 30 days
Detection Fingerprints

How We Detect Boxyfy – Ultimate Affiliate Tool: Product Boxes, Price Alerts, Heatmap and AI

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/boxyfy/admin/css/boxyfy-admin.css
/wp-content/plugins/boxyfy/admin/js/boxyfy-admin.js
/wp-content/plugins/boxyfy/public/css/boxyfy-public.css
/wp-content/plugins/boxyfy/public/js/boxyfy-public.js
/wp-content/plugins/boxyfy/public/js/script.js
Script Paths
/wp-content/plugins/boxyfy/admin/js/boxyfy-admin.js
/wp-content/plugins/boxyfy/public/js/boxyfy-public.js
/wp-content/plugins/boxyfy/public/js/script.js
Version Parameters
boxyfy/admin/css/boxyfy-admin.css?ver=
boxyfy/admin/js/boxyfy-admin.js?ver=
boxyfy/public/css/boxyfy-public.css?ver=
boxyfy/public/js/boxyfy-public.js?ver=
boxyfy/public/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
boxyfy-product-box
boxyfy-comparison-table
HTML Comments
<!-- Boxyfy Product Box Start -->
<!-- Boxyfy Product Box End -->
<!-- Boxyfy Comparison Table Start -->
<!-- Boxyfy Comparison Table End -->
Data Attributes
data-boxyfy-product-id
data-boxyfy-asin
JS Globals
boxyfy_ajax_object
Shortcode Output
[boxyfy_product_box]
[boxyfy_comparison_table]