WP-Safety

Coupon Box for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woo-coupon-box

Engage customers while collecting their email address with a well-designed popup. Optionally reward them with coupons.

1K active installs v2.1.11 PHP 7.0+ WP 5.0+ Updated Mar 6, 2026
couponcoupon-boxcoupon-subscribewoocommerce-couponwoocommerce-subscribe
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Coupon Box for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Coupon Box for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "woo-coupon-box" plugin v2.1.11 exhibits a generally strong security posture based on the provided static analysis. The complete lack of critical or high severity taint flows, coupled with the near-perfect output escaping and robust use of prepared statements for SQL queries, indicates good development practices. The plugin also implements a reasonable number of nonce and capability checks, particularly considering the number of AJAX handlers. The absence of any recorded vulnerabilities in its history further strengthens this positive assessment, suggesting a history of secure development and maintenance.

Despite the strong positive indicators, a few areas warrant attention. The presence of 5 external HTTP requests, while not inherently a vulnerability, represents an external dependency that could potentially be exploited if a third-party service is compromised. Similarly, the single file operation, while isolated, could be a point of interest if not handled with extreme care. The bundling of Select2, while a useful library, also introduces a dependency that would need to be managed for security updates. Overall, the plugin appears to be secure, but vigilant monitoring of external dependencies and file operations would be prudent.

Key Concerns

  • External HTTP requests found
  • File operations found
  • Bundled library (Select2)
Vulnerabilities
None known

Coupon Box for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Coupon Box for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
11
569 escaped
Nonce Checks
11
Capability Checks
7
File Operations
1
External Requests
5
Bundled Libraries
1

Bundled Libraries

Select2

Output Escaping

98% escaped580 total outputs
Data Flows
All sanitized

Data Flow Analysis

6 flows
generate_csv (admin\export-email.php:18)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Coupon Box for WooCommerce Attack Surface

Entry Points9
Unprotected0

AJAX Handlers 8

authwp_ajax_wcb_search_couponadmin\settings.php:24
authwp_ajax_wcb_search_productadmin\settings.php:25
authwp_ajax_wcb_search_cateadmin\settings.php:26
authwp_ajax_wcb_preview_emailsadmin\settings.php:29
noprivwp_ajax_wcb_emailfrontend\frontend.php:18
authwp_ajax_wcb_emailfrontend\frontend.php:19
noprivwp_ajax_wcb_widget_subscribefrontend\shortcode.php:20
authwp_ajax_wcb_widget_subscribefrontend\shortcode.php:21

Shortcodes 1

[wcb_widget] frontend\shortcode.php:25
WordPress Hooks 43
filterplugin_action_links_woo-coupon-box/woo-coupon-box.phpadmin\admin.php:18
actioninitadmin\admin.php:23
actionadmin_initadmin\admin.php:24
filtermanage_wcb_posts_columnsadmin\admin.php:25
actionmanage_wcb_posts_custom_columnadmin\admin.php:26
actionrestrict_manage_postsadmin\admin.php:28
actionparse_queryadmin\admin.php:29
actioncustomize_registeradmin\design.php:19
actioncustomize_preview_initadmin\design.php:20
actionwp_enqueue_scriptsadmin\design.php:21
actioncustomize_controls_enqueue_scriptsadmin\design.php:22
actionwp_footeradmin\design.php:23
actionadmin_menuadmin\export-email.php:10
actionadmin_enqueue_scriptsadmin\export-email.php:11
actionadmin_initadmin\export-email.php:12
actionadmin_menuadmin\settings.php:19
actionadmin_enqueue_scriptsadmin\settings.php:20
actionadmin_initadmin\settings.php:21
actionmedia_buttonsadmin\settings.php:28
actionadmin_footeradmin\settings.php:30
actionadmin_menuadmin\system.php:8
actionwp_enqueue_scriptsfrontend\frontend.php:15
filterviwec_disable_woocommerce_email_inline_stylefrontend\frontend.php:354
actionwp_footerfrontend\frontend.php:582
actioninitfrontend\shortcode.php:18
actionwp_enqueue_scriptsfrontend\shortcode.php:26
filterviwec_disable_woocommerce_email_inline_stylefrontend\shortcode.php:392
actionelementor/widgets/widgets_registeredincludes\3rd\elementor\elementor.php:8
actionelementor/preview/enqueue_stylesincludes\3rd\elementor\elementor.php:16
actionelementor/preview/enqueue_scriptsincludes\3rd\elementor\elementor.php:19
actionadmin_enqueue_scriptsincludes\support.php:32
actionadmin_noticesincludes\support.php:33
actionadmin_initincludes\support.php:34
actionadmin_menuincludes\support.php:35
filterplugin_row_metaincludes\support.php:37
actionadmin_initincludes\support.php:39
actionadmin_bar_menuincludes\support.php:41
actionadmin_noticesincludes\support.php:55
actionadmin_footerincludes\support.php:672
actionadmin_bar_menuincludes\support.php:810
actionadmin_noticesincludes\support.php:956
actionbefore_woocommerce_initwoo-coupon-box.php:28
actionplugins_loadedwoo-coupon-box.php:42
Maintenance & Trust

Coupon Box for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 6, 2026
PHP min version7.0
Downloads92K

Community Trust

Rating92/100
Number of ratings37
Active installs1K
Alternatives

Coupon Box for WooCommerce Alternatives

Smart Coupons For WooCommerce Coupons

Smart Coupons For WooCommerce Coupons

wt-smart-coupons-for-woocommerce

A
99

Best WooCommerce coupons plugin to create advanced coupons and discount codes with auto-apply, BOGO, free shipping, giveaways, and discount rules.

30K 1 CVE
Advanced Coupons for WooCommerce Coupons & Store Credit

Advanced Coupons for WooCommerce Coupons & Store Credit

advanced-coupons-for-woocommerce-free

A
96

Enhance WooCommerce coupons with new coupon types, BOGO coupons, store credit, discount rules, url coupons, gift cards, loyalty program + more!

20K 2 CVEs
Coupon Generator for WooCommerce

Coupon Generator for WooCommerce

coupon-generator-for-woocommerce

A
92

Generate WooCommerce coupons easily and fast.

10K No CVEs
Power Coupons for WooCommerce

Power Coupons for WooCommerce

power-coupons

A
100

WordPress coupon plugin for WooCommerce that auto-applies discounts with flexible rules and dynamic cart incentives—no codes required.

2K No CVEs
First Order Coupon Manager for WooCommerce

First Order Coupon Manager for WooCommerce

first-order-coupon-manager-for-woocommerce

A
85

Maintain the first-order discount using this plugin.

1K No CVEs
Developer Profile

Coupon Box for WooCommerce Developer Profile

VillaTheme

58 plugins · 167K total installs

78
trust score
Avg Security Score
99/100
Avg Patch Time
214 days
View full developer profile
Detection Fingerprints

How We Detect Coupon Box for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woo-coupon-box/css/customizer.css/wp-content/plugins/woo-coupon-box/css/wcb_social_icons.css/wp-content/plugins/woo-coupon-box/css/wcb_button_close_icons.css/wp-content/plugins/woo-coupon-box/css/wcb_giftbox.css/wp-content/plugins/woo-coupon-box/js/customize-setting.js/wp-content/plugins/woo-coupon-box/css/popup-effect/wcb-md-effect-1.css/wp-content/plugins/woo-coupon-box/css/popup-effect/wcb-md-effect-2.css/wp-content/plugins/woo-coupon-box/css/popup-effect/wcb-md-effect-3.css+14 more
Script Paths
/wp-content/plugins/woo-coupon-box/js/customize-setting.js
Version Parameters
woo-coupon-box/css/customizer.css?ver=woo-coupon-box/css/wcb_social_icons.css?ver=woo-coupon-box/css/wcb_button_close_icons.css?ver=woo-coupon-box/css/wcb_giftbox.css?ver=woo-coupon-box/js/customize-setting.js?ver=woo-coupon-box/css/popup-effect/wcb-md-effect-1.css?ver=woo-coupon-box/css/popup-effect/wcb-md-effect-2.css?ver=woo-coupon-box/css/popup-effect/wcb-md-effect-3.css?ver=woo-coupon-box/css/popup-effect/wcb-md-effect-4.css?ver=woo-coupon-box/css/popup-effect/wcb-md-effect-5.css?ver=woo-coupon-box/css/popup-effect/wcb-md-effect-6.css?ver=woo-coupon-box/css/popup-effect/wcb-md-effect-7.css?ver=woo-coupon-box/css/popup-effect/wcb-md-effect-8.css?ver=woo-coupon-box/css/popup-effect/wcb-md-effect-9.css?ver=woo-coupon-box/css/popup-effect/wcb-md-effect-10.css?ver=woo-coupon-box/css/popup-effect/wcb-md-effect-11.css?ver=woo-coupon-box/css/popup-effect/wcb-md-effect-12.css?ver=woo-coupon-box/css/popup-effect/wcb-md-effect-13.css?ver=woo-coupon-box/css/popup-effect/wcb-md-effect-14.css?ver=woo-coupon-box/css/popup-effect/wcb-md-effect-15.css?ver=woo-coupon-box/css/weather.css?ver=woo-coupon-box/css/basic.css?ver=

HTML / DOM Fingerprints

CSS Classes
wcb-coupon-boxwcb-md-contentwcb-modal-headerwcb-modal-bodywcb-coupon-messagewcb-text-titlewcb-newsletterwcb-email+3 more
HTML Comments
Class Name: VI_WOO_COUPON_BOX_Admin_AdminAuthor: Andy Ha (support@villatheme.com)Author URI: http://villatheme.comCopyright 2015 villatheme.com. All rights reserved.
Data Attributes
wcb_bg_headerwcb_color_headerwcb_title_sizewcb_title_spacewcb_body_bgwcb_body_text_color+13 more
FAQ

Frequently Asked Questions about Coupon Box for WooCommerce