Notice Boxes with Shortcodes Security & Risk Analysis
wordpress.org/plugins/notice-boxes-with-shortcodesThis plugin allows you to make notice boxes (styled content boxes of different colors) to display different messages via shortcodes.
Is Notice Boxes with Shortcodes Safe to Use in 2026?
Generally Safe
Score 85/100Notice Boxes with Shortcodes has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "notice-boxes-with-shortcodes" plugin version 3.4 exhibits a generally good security posture based on the provided static analysis. The absence of known CVEs, dangerous functions, raw SQL queries, file operations, and external HTTP requests are strong indicators of secure coding practices. The plugin also correctly utilizes prepared statements for any database interactions. However, a significant concern arises from the complete lack of output escaping. With 5 total outputs analyzed and 0% properly escaped, this presents a considerable risk of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the website.
The plugin has a small attack surface, consisting of only two shortcodes, and importantly, none of these entry points are directly exposed without authentication or capability checks. The lack of taint analysis results could imply that no complex data flows were analyzed or that no vulnerabilities were detected in the analyzed flows. The vulnerability history shows no recorded issues, which is positive, but it doesn't negate the identified risks within the code itself. In conclusion, while the plugin avoids common pitfalls like unpatched vulnerabilities and raw SQL, the pervasive lack of output escaping is a critical weakness that needs immediate attention to prevent potential XSS attacks.
Key Concerns
- Zero output escaping on 5 outputs
Notice Boxes with Shortcodes Security Vulnerabilities
Notice Boxes with Shortcodes Release Timeline
Notice Boxes with Shortcodes Code Analysis
Output Escaping
Notice Boxes with Shortcodes Attack Surface
Shortcodes 2
WordPress Hooks 3
Maintenance & Trust
Notice Boxes with Shortcodes Maintenance & Trust
Maintenance Signals
Community Trust
Notice Boxes with Shortcodes Alternatives
Add Anchor Links
add-anchor-links
Creates anchor links to heading tags in the content of selected posts, just like Github does within the Readme.md files.
Copy Link to Heading – Easily add Anchor links for Headings
copy-link-to-heading
Adds a copy link icon to headings for easy copying anchor links, that helps to bookmarking, sharing, and navigation within the content.
Correct My Headings
correct-my-headings
If your subheadings appear on archive pages, they need to start from H3 (because H2 tags are used by the post titles on archive pages).
Headings
headings
Make Styled Note box, Alert box, Help box, Tip Box, Important Box and loads of of other boxes in your posts using classes.
jcwp simple table of contents
jcwp-simple-table-of-contents
This plugin gives options to display "Table of contents" container on your wordpress post or page
Notice Boxes with Shortcodes Developer Profile
1 plugin · 80 total installs
How We Detect Notice Boxes with Shortcodes
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/notice-boxes-with-shortcodes/nboxesstyle.css/wp-content/plugins/notice-boxes-with-shortcodes/collapsable.js/wp-content/plugins/notice-boxes-with-shortcodes/collapsable.jsnotice-boxes-with-shortcodes/nboxesstyle.css?ver=notice-boxes-with-shortcodes/collapsable.js?ver=HTML / DOM Fingerprints
noticeboxesdenoticeboxescbluenoticeboxgreennoticeboxyellownoticeboxrednoticeboxnbox-close<div class="noticeboxesde bluenoticebox"><div class="noticeboxesc bluenoticebox"><div class="noticeboxesde greennoticebox"><div class="noticeboxesc greennoticebox">