Does DB Table Viewer have any unpatched vulnerabilities?

No. All known vulnerabilities in DB Table Viewer have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is DB Table Viewer compatible with WordPress 6.7.5?

According to WordPress.org data, DB Table Viewer 1.0 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is DB Table Viewer compatible with PHP 7.2+?

DB Table Viewer requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is DB Table Viewer updated?

DB Table Viewer was last updated on Feb 5, 2025. Frequent updates are generally a positive security signal.

What is DB Table Viewer's security score?

DB Table Viewer has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

DB Table Viewer Security & Risk Analysis

wordpress.org/plugins/db-table-viewer

A WordPress plugin to display database table data with pagination in a user-friendly format.

100 active installs v1.0 PHP 7.2+ WP 5.0+ Updated Feb 5, 2025

admindatabasepaginationtableviewer

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is DB Table Viewer Safe to Use in 2026?

Generally Safe

Score 92/100

DB Table Viewer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The db-table-viewer v1.0 plugin exhibits a strong security posture based on the provided static analysis. The code demonstrates good practices by utilizing prepared statements for all SQL queries and properly escaping all outputs. The absence of dangerous functions, file operations, and external HTTP requests further enhances its security. Furthermore, the plugin has no recorded vulnerability history, indicating a history of stable and secure development.

However, a key concern arises from the lack of nonce checks on its single AJAX handler. While a capability check is present, the absence of nonce validation leaves the AJAX endpoint potentially vulnerable to Cross-Site Request Forgery (CSRF) attacks. This means an attacker could trick a logged-in user into executing unintended actions by submitting a crafted request to the plugin's AJAX handler.

In conclusion, while the plugin is architecturally sound in most areas, the missing nonce check on the AJAX handler represents a specific, albeit addressable, security weakness. The absence of known vulnerabilities and the use of secure coding practices are significant strengths, but the CSRF risk should be mitigated.

Key Concerns

Missing nonce check on AJAX handler

Vulnerabilities

None known

DB Table Viewer Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

DB Table Viewer Code Analysis

Dangerous Functions

Raw SQL Queries

5 prepared

Unescaped Output

8 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared5 total queries

Output Escaping

100% escaped8 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

get_table_data (db-table-viewer.php:96)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

DB Table Viewer Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_get_table_datadb-table-viewer.php:25

WordPress Hooks 2

actionadmin_menudb-table-viewer.php:23

actionadmin_enqueue_scriptsdb-table-viewer.php:24

Maintenance & Trust

DB Table Viewer Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedFeb 5, 2025

PHP min version7.2

Downloads866

Community Trust

Rating0/100

Number of ratings0

Active installs100

Alternatives

DB Table Viewer Alternatives

DB Viewer

db-viewer

100

View your WordPress database directly inside your Dashboard. No need for phpMyAdmin or hosting panels.

80 No CVEs

Drastic Table Manager

drastic-table-manager

AJAX-based table manager for WordPress. It is built using the excellent data grid from DrasticTools.

10 No CVEs

Admin Columns

codepress-admin-columns

100

Customise columns on the administration screens for post(types), pages, media, comments, links and users with an easy to use drag-and-drop interface.

100K No CVEs

WP-DBManager

wp-dbmanager

Manages your WordPress database.

60K 5 CVEs

WP phpMyAdmin

wp-phpmyadmin-extension

[ ✅ 𝐒𝐄𝐂𝐔𝐑𝐄 𝐏𝐋𝐔𝐆𝐈𝐍𝐒 𝐵𝓎 𝒫𝓊𝓋𝑜𝓍 ] phpMyAdmin - Database Browser & Manager (for MySQL & MariaDB)

50K 2 CVEs

Developer Profile

DB Table Viewer Developer Profile

Vrutika Darji

1 plugin · 100 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect DB Table Viewer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/db-table-viewer/assets/js/db-table-viewer.js/wp-content/plugins/db-table-viewer/assets/css/db-table-viewer.css

Script Paths

/wp-content/plugins/db-table-viewer/assets/js/db-table-viewer.js

Version Parameters

db-table-viewer/assets/js/db-table-viewer.js?ver=1.0db-table-viewer/assets/css/db-table-viewer.css?ver=1.0

HTML / DOM Fingerprints

CSS Classes

page-button

Data Attributes

data-page

JS Globals

DBTableViewer

REST Endpoints

/wp-json/wp/v2/users

FAQ