Does Courier Notices have any unpatched vulnerabilities?

No. All known vulnerabilities in Courier Notices have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Courier Notices compatible with WordPress 6.8.5?

According to WordPress.org data, Courier Notices 1.9.17 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Courier Notices compatible with PHP 7.4+?

Courier Notices requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Courier Notices updated?

Courier Notices was last updated on Mar 9, 2026. Frequent updates are generally a positive security signal.

What is Courier Notices's security score?

Courier Notices has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Courier Notices Security & Risk Analysis

wordpress.org/plugins/courier-notices

Add dismissible and non-dismissible notices throughout your WordPress website with customizable colors, icons, and placement options.

40 active installs v1.9.17 PHP 7.4+ WP 5.7+ Updated Mar 9, 2026

alertsdismissiblemodalnoticesnotifications

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Courier Notices Safe to Use in 2026?

Generally Safe

Score 100/100

Courier Notices has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 24d ago

Risk Assessment

The "courier-notices" v1.9.17 plugin exhibits a generally strong security posture with excellent adherence to many WordPress security best practices. The high percentage of prepared SQL statements and properly escaped output are commendable. Furthermore, the absence of any recorded vulnerabilities or CVEs suggests a history of stable and secure development. The plugin also demonstrates good use of nonces and capability checks across its entry points, which are all protected by authentication.

However, the static analysis does reveal some areas of concern that warrant attention. The presence of the `assert` dangerous function, while potentially used for debugging or assertions, can be a vector for code injection if not carefully controlled and is a specific code signal to note. The taint analysis identified two flows with unsanitized paths, one of which is flagged as high severity, indicating a potential for data leakage or injection if these paths are maliciously exploited. While no direct vulnerabilities are known historically, these taint flows represent a latent risk.

In conclusion, the plugin is well-developed with a strong foundation in security. The lack of known vulnerabilities and robust use of authentication, nonces, and prepared statements are significant strengths. Nevertheless, the identified `assert` function and the high-severity taint flow with unsanitized paths are weaknesses that should be addressed to further harden the plugin and mitigate potential future risks.

Key Concerns

High severity taint flow with unsanitized paths
Presence of dangerous function: assert
Taint flows with unsanitized paths (x2)

Vulnerabilities

None known

Courier Notices Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Courier Notices Code Analysis

Dangerous Functions

Raw SQL Queries

19 prepared

Unescaped Output

375 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

assertassert($iterator instanceof \Iterator);vendor-prefixed\nette\utils\src\Iterators\CachingIterator.php:36

SQL Query Safety

95% prepared20 total queries

Output Escaping

91% escaped414 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths

search_box (includes\Helper\WP_List_Table.php:360)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Courier Notices Attack Surface

Entry Points7

Unprotected0

AJAX Handlers 5

authwp_ajax_courier_notices_add_typeincludes\Controller\Courier_Types.php:100

authwp_ajax_courier_notices_update_typeincludes\Controller\Courier_Types.php:101

authwp_ajax_courier_notices_delete_typeincludes\Controller\Courier_Types.php:102

authwp_ajax_courier_notices_dismiss_migration_noticeincludes\Controller\Upgrade.php:42

authwp_ajax_courier_notices_update_welcome_panelincludes\Controller\Welcome.php:19

Shortcodes 2

[courier_notices] includes\Controller\Shortcodes.php:22

[courier_notice] includes\Controller\Shortcodes.php:23

WordPress Hooks 72

actionplugins_loadedcourier-notices.php:80

actionadmin_noticescourier-notices.php:101

actioninitcourier-notices.php:180

actionadmin_noticescourier-notices.php:194

actionadmin_post_courier_dismiss_wp_rocket_noticecourier-notices.php:247

actionsave_postincludes\Controller\Action_Scheduler.php:61

actioninitincludes\Controller\Action_Scheduler.php:64

actionbefore_delete_postincludes\Controller\Action_Scheduler.php:67

actionadmin_noticesincludes\Controller\Admin\Admin.php:22

actionmanage_courier_notice_posts_custom_columnincludes\Controller\Admin\Admin.php:24

filtermanage_courier_notice_posts_columnsincludes\Controller\Admin\Admin.php:25

filterpost_classincludes\Controller\Admin\Admin.php:26

filterpost_row_actionsincludes\Controller\Admin\Admin.php:27

filterpost_updated_messagesincludes\Controller\Admin\Admin.php:29

actionadmin_enqueue_scriptsincludes\Controller\Admin\Admin.php:31

actionadmin_enqueue_scriptsincludes\Controller\Admin\Admin.php:32

actionrestrict_manage_postsincludes\Controller\Admin\Admin.php:34

filtermonths_dropdown_resultsincludes\Controller\Admin\Admin.php:37

actionadd_meta_boxes_courier_noticeincludes\Controller\Admin\Courier_Notice_Metabox.php:29

filteruse_block_editor_for_post_typeincludes\Controller\Admin\Courier_Notice_Metabox.php:31

actionpost_submitbox_misc_actionsincludes\Controller\Admin\Courier_Notice_Metabox.php:61

actionadmin_menuincludes\Controller\Admin\Settings\General.php:70

actionadmin_initincludes\Controller\Admin\Settings\General.php:71

filterplugin_action_linksincludes\Controller\Admin\Settings\General.php:73

actioncourier_notices_setting_globalincludes\Controller\Admin\Settings\General.php:75

actioncourier_notices_setting_typesincludes\Controller\Admin\Settings\General.php:76

actionsave_post_courier_noticeincludes\Controller\Courier.php:22

actioninitincludes\Controller\Courier.php:23

actioncurrent_screenincludes\Controller\Courier.php:24

actionwp_insert_postincludes\Controller\Courier.php:25

actionpre_get_postsincludes\Controller\Courier.php:26

filterrequestincludes\Controller\Courier.php:28

filterquery_varsincludes\Controller\Courier.php:29

filtertemplate_includeincludes\Controller\Courier.php:30

filterdocument_title_partsincludes\Controller\Courier.php:31

filterpost_updated_messagesincludes\Controller\Courier.php:32

filterviews_edit-courier_noticeincludes\Controller\Courier.php:33

filterpost_classincludes\Controller\Courier.php:34

filtercourier_excerptincludes\Controller\Courier.php:35

filtercourier_excerptincludes\Controller\Courier.php:36

filtercourier_excerptincludes\Controller\Courier.php:37

filtercourier_excerptincludes\Controller\Courier.php:38

actioninitincludes\Controller\Courier_Notices.php:51

actioninitincludes\Controller\Courier_Notices.php:52

actionwp_enqueue_scriptsincludes\Controller\Courier_Notices.php:53

actionwp_enqueue_scriptsincludes\Controller\Courier_Notices.php:54

filteradd_query_varsincludes\Controller\Courier_Notices.php:57

actionsave_post_courier_noticeincludes\Controller\Courier_Notices.php:60

actiondeleted_postincludes\Controller\Courier_Notices.php:61

actionrest_api_initincludes\Controller\Courier_REST_Controller.php:21

actioncourier_notices_save_cssincludes\Controller\Courier_Types.php:104

actionadmin_footerincludes\Controller\Courier_Types.php:106

actioncourier_purgeincludes\Controller\Cron.php:36

actioncourier_expireincludes\Controller\Cron.php:37

actioninitincludes\Controller\Cron.php:39

actionadmin_initincludes\Controller\Install.php:39

actioninitincludes\Controller\Install.php:40

filterwp_stream_log_dataincludes\Controller\Integrations\Stream.php:22

filterwpseo_sitemap_exclude_post_typeincludes\Controller\Integrations\WP_SEO.php:23

filterwpseo_sitemap_exclude_taxonomyincludes\Controller\Integrations\WP_SEO.php:24

actionwp_body_openincludes\Controller\Placement.php:22

actionget_footerincludes\Controller\Placement.php:23

actionwp_body_openincludes\Controller\Placement.php:24

actionrest_api_initincludes\Controller\Settings_REST_Controller.php:18

actionadmin_initincludes\Controller\Upgrade.php:39

actionadmin_noticesincludes\Controller\Upgrade.php:40

actionadmin_noticesincludes\Controller\Upgrade.php:41

actionadmin_initincludes\Controller\Welcome.php:20

actionadmin_noticesincludes\Controller\Welcome.php:21

actionall_admin_noticesincludes\Controller\Welcome.php:53

actioninitincludes\Core\Bootstrap.php:68

actionadmin_footerincludes\Helper\WP_List_Table.php:166

Scheduled Events 3

courier_purge

courier_expire

Maintenance & Trust

Courier Notices Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedMar 9, 2026

PHP min version7.4

Downloads15K

Community Trust

Rating100/100

Number of ratings1

Active installs40

Alternatives

Courier Notices Alternatives

Disable Admin Notices – Hide Dashboard Notifications

disable-admin-notices

Disable admin notices and hide dashboard notifications from plugins, themes and core. Hide all notices, selected ones, or show them in a single line.

100K 2 CVEs

Hide Admin Notices

hide-admin-notices

Hide – or show – WordPress Dashboard Notices, Messages, Update Nags etc. ... for everything!

20K No CVEs

Hide Dashboard Notifications

wp-hide-backed-notices

Warnings and notices can be helpful for developers as they notify them for debugging issues with their code. Though these notices can be sometimes inf …

20K 2 CVEs

Disable WP Notification

disable-wp-notification

100

Best wordpress plugin to remove all the admin panel notifications in just one click. Including the theme and plugin update notification.

10K No CVEs

Hide admin notices – Admin Notification Center

wp-admin-notification-center

100

Keep your dashboard clean by grouping all the WordPress notice and hide them in a notification center.

8K 1 CVE

Developer Profile

Courier Notices Developer Profile

webaware

17 plugins · 153K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

1595 days

View full developer profile

Detection Fingerprints

How We Detect Courier Notices

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/courier-notices/build/courier-notices.css/wp-content/plugins/courier-notices/build/courier-notices.js

Script Paths

/wp-content/plugins/courier-notices/build/courier-notices.js

Version Parameters

courier-notices/build/courier-notices.css?ver=courier-notices/build/courier-notices.js?ver=

HTML / DOM Fingerprints

CSS Classes

cn-notice-wrappercn-notice-contentcn-notice-iconcn-notice-closecourier-notices-admin-notice

Data Attributes

data-cn-iddata-cn-noncedata-cn-action

JS Globals

CourierNoticescourierNoticesApiSettings

REST Endpoints

/wp-json/courier-notices/v1/notices/display/(.*)

Shortcode Output

[courier-notices]

FAQ