Standard Box Sizes – for WooCommerce Security & Risk Analysis

wordpress.org/plugins/standard-box-sizes

For exclusive use with Eniture Technology's Small Package Quotes plugins for FedEx, Purolator, UPS, USPS, Unishippers, and Worldwide Express.

70 active installs v1.6.22 PHP + WP 6.4+ Updated Feb 9, 2026
Tags: box, boxing, boxsize, shipping-rates, standard-box-sizes
99
A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Jan 3, 2025
Safety Verdict

Is Standard Box Sizes – for WooCommerce Safe to Use in 2026?

Generally Safe

Score 99/100

Standard Box Sizes – for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Jan 3, 2025 · Updated 1mo ago
Risk Assessment

The 'standard-box-sizes' plugin v1.6.22 exhibits a mixed security posture. It shows good practices, such as a lack of dangerous functions, file operations, and external HTTP requests, but its attack surface and output handling raise significant concerns. Of its 24 AJAX handlers, one explicitly lacks authentication checks, which presents a direct vulnerability. With only 48% of output properly escaped, and an unsanitized path found in the taint analysis, there is also a risk of cross-site scripting (XSS) vulnerabilities. The plugin's history includes one medium-severity CVE, indicating past weaknesses in authorization, which aligns with the identified unprotected AJAX handler. There are no currently unpatched vulnerabilities, but the pattern suggests a need for greater diligence in securing entry points and ensuring robust output sanitization. Overall, the plugin has some strengths but requires immediate attention to the unprotected AJAX handler and to output escaping to mitigate potential security risks.

Key Concerns

  • AJAX handler without auth check
  • Low percentage of properly escaped output
  • Taint flow with unsanitized path
  • Medium severity CVE in history
Vulnerabilities
1

Standard Box Sizes – for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2025

Severity Breakdown

Medium
1

1 total CVE

CVE-2025-22318 · medium · 5.3 · Missing Authorization

Standard Box Sizes – for WooCommerce <= 1.6.13 - Missing Authorization

Jan 3, 2025 Patched in 1.6.14 (18d)
Code Analysis
Analyzed Mar 16, 2026

Standard Box Sizes – for WooCommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 2 · 2 prepared
Unescaped Output: 66 · 60 escaped
Nonce Checks: 12
Capability Checks: 24
File Operations: 0
External Requests: 1
Bundled Libraries: 0

SQL Query Safety

50% prepared · 4 total queries

Output Escaping

48% escaped · 126 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

4 flows · 1 with unsanitized paths
<en-hit-to-update-message> (en-hit-to-update-message.php:0)
Attack Surface
1 unprotected

Standard Box Sizes – for WooCommerce Attack Surface

Entry Points: 24
Unprotected: 1

AJAX Handlers 24

nopriv · wp_ajax_en_woo_addons_hide_bin_message · en-standard-box-sizes.php:211
auth · wp_ajax_en_woo_addons_hide_bin_message · en-standard-box-sizes.php:212
nopriv · wp_ajax_en_woo_addons_usps_query_function · en-standard-box-sizes.php:215
auth · wp_ajax_en_woo_addons_usps_query_function · en-standard-box-sizes.php:216
nopriv · wp_ajax_en_woo_addons_upgrade_plan_submit_box · includes\en-woo-box-addons-ajax-request.php:49
auth · wp_ajax_en_woo_addons_upgrade_plan_submit_box · includes\en-woo-box-addons-ajax-request.php:50
nopriv · wp_ajax_en_box_sizing_submit · includes\en-woo-box-addons-ajax-request.php:56
auth · wp_ajax_en_box_sizing_submit · includes\en-woo-box-addons-ajax-request.php:57
nopriv · wp_ajax_or_box_sizing_submit · includes\en-woo-box-addons-ajax-request.php:62
auth · wp_ajax_or_box_sizing_submit · includes\en-woo-box-addons-ajax-request.php:63
nopriv · wp_ajax_or_get_box_sizing_details · includes\en-woo-box-addons-ajax-request.php:68
auth · wp_ajax_or_get_box_sizing_details · includes\en-woo-box-addons-ajax-request.php:69
nopriv · wp_ajax_en_box_update_available · includes\en-woo-box-addons-ajax-request.php:74
auth · wp_ajax_en_box_update_available · includes\en-woo-box-addons-ajax-request.php:75
nopriv · wp_ajax_en_box_sizing_delete · includes\en-woo-box-addons-ajax-request.php:82
auth · wp_ajax_en_box_sizing_delete · includes\en-woo-box-addons-ajax-request.php:83
nopriv · wp_ajax_suspend_automatic_detection_box · includes\en-woo-box-addons-ajax-request.php:89
auth · wp_ajax_suspend_automatic_detection_box · includes\en-woo-box-addons-ajax-request.php:90
nopriv · wp_ajax_en_add_box_sizing_one_rate · includes\en-woo-box-addons-ajax-request.php:96
auth · wp_ajax_en_add_box_sizing_one_rate · includes\en-woo-box-addons-ajax-request.php:97
auth · wp_ajax_en_woo_addons_update_optimization_mode_sbs · includes\en-woo-box-addons-ajax-request.php:100
auth · wp_ajax_en_woo_addons_update_packaging_solution_preference_sbs · includes\en-woo-box-addons-ajax-request.php:103
nopriv · wp_ajax_en_box_sizing_populate_product_tags · includes\en-woo-box-addons-ajax-request.php:105
auth · wp_ajax_en_box_sizing_populate_product_tags · includes\en-woo-box-addons-ajax-request.php:106
WordPress Hooks 29
action · woocommerce_order_actions · admin\order\en-admin-order-class.php:108
action · en_box_sizing_response · admin\order\en-admin-order-class.php:110
filter · woocommerce_thankyou · admin\order\en-front-order-class.php:48
action · woocommerce_product_options_shipping · admin\products\en-addon-products-options.php:30
action · woocommerce_process_product_meta · admin\products\en-addon-products-options.php:33
action · woocommerce_product_after_variable_attributes · admin\products\en-addon-products-options.php:43
action · woocommerce_save_product_variation · admin\products\en-addon-products-options.php:46
filter · enit_box_sizes_post_array_filter · admin\request-handler\en-box-sizing-request-handler.php:190
filter · enit_box_sizes_post_array_filter_new_api · admin\request-handler\en-box-sizing-request-handler.php:191
filter · en_save_3dbin_session · admin\request-handler\en-box-sizing-request-handler.php:193
action · woocommerce_settings_wc_settings_quote_section_end_box_sizing_after · admin\templates\en-woo-addon-box-sizing-template.php:47
filter · en_sbs_recursive · admin\templates\en-woo-addon-box-sizing-template.php:72
action · before_woocommerce_init · en-standard-box-sizes.php:20
action · admin_enqueue_scripts · en-standard-box-sizes.php:139
action · init · en-standard-box-sizes.php:174
action · admin_bar_menu · en-standard-box-sizes.php:208
action · admin_print_scripts · includes\en-standard-box-sizes-includes.php:24
filter · fedex_one_rate_data · includes\en-woo-box-addons-fedex-one-rate.php:17
filter · fedex_one_rate_img · includes\en-woo-box-addons-fedex-one-rate.php:18
filter · en_woo_addons_settings · includes\en-woo-box-addons-forms-handler.php:27
filter · en_woo_addons_sections · includes\en-woo-box-addons-forms-handler.php:28
action · woocommerce_settings_tabs_array · includes\en-woo-box-addons-forms-handler.php:29
action · woocommerce_checkout_order_processed · includes\en-woo-box-addons-genrt-request-key.php:15
filter · en_mutiple_packages_in_request · multi-packaging\multi-packaging-request.php:20
filter · en_mutiple_packages_valid_request · multi-packaging\multi-packaging-request.php:21
filter · en_mutiple_packages_update_request · multi-packaging\multi-packaging-request.php:22
action · woocommerce_settings_wc_settings_quote_section_end_box_sizing_after · multi-packaging\multi-packaging.php:21
filter · en_sbs_recursive · multi-packaging\multi-packaging.php:51
action · fedex_small_detected · one-rate\one-rate.php:15
Maintenance & Trust

Standard Box Sizes – for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Feb 9, 2026
PHP min version
Downloads: 7K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 70
Developer Profile

Standard Box Sizes – for WooCommerce Developer Profile

enituretechnology

29 plugins · 1K total installs

Trust score: 93
Avg Security Score: 98/100
Avg Patch Time: 11 days
Detection Fingerprints

How We Detect Standard Box Sizes – for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/standard-box-sizes/admin/assets/css/bootstrap-iso.css
/wp-content/plugins/standard-box-sizes/admin/assets/css/box-sizing-style.css
/wp-content/plugins/standard-box-sizes/admin/assets/js/box-sizing-script.js
Script Paths
/wp-content/plugins/standard-box-sizes/admin/assets/js/box-sizing-script.js
Version Parameters
standard-box-sizes/admin/assets/css/bootstrap-iso.css?ver=
standard-box-sizes/admin/assets/css/box-sizing-style.css?ver=
standard-box-sizes/admin/assets/js/box-sizing-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
notice-dismiss-bin
notice-error
notice-success
HTML Comments
<!-- if there is any message -->
<!-- Error case -->
<!-- update these notifications after checking flags -->
<!-- Success case -->
+5 more
Data Attributes
id="message"
id="bin-del"
id="message" class="notice-dismiss-bin notice-error notice is-dismissible "
id="message" class="notice-dismiss-bin notice-success notice is-dismissible "
JS Globals
window.sbs
REST Endpoints
/wp-json/eniture-tech/v1/request-key
/wp-json/eniture-tech/v1/box-size
FAQ

Frequently Asked Questions about Standard Box Sizes – for WooCommerce