Does FlippingBook have any unpatched vulnerabilities?

No. All known vulnerabilities in FlippingBook have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is FlippingBook compatible with WordPress 6.9.4?

According to WordPress.org data, FlippingBook 2.0.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is FlippingBook compatible with PHP 5.5.0+?

FlippingBook requires PHP 5.5.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is FlippingBook updated?

FlippingBook was last updated on Jan 26, 2026. Frequent updates are generally a positive security signal.

What is FlippingBook's security score?

FlippingBook has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

FlippingBook Security & Risk Analysis

wordpress.org/plugins/flippingbook

Embed PDFs into your WordPress site as interactive flipbooks. Attractive and trackable, flipbooks are a great alternative to static PDFs.

2K active installs v2.0.2 PHP 5.5.0+ WP 3.2+ Updated Jan 26, 2026

catalogembed-pdfflipbookpage-flippdf-viewer

A · Safe

CVEs total1

Unpatched0

Last CVEDec 28, 2025

Plugin page Download

Safety Verdict

Is FlippingBook Safe to Use in 2026?

Generally Safe

Score 99/100

FlippingBook has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Dec 28, 2025Updated 2mo ago

Risk Assessment

The 'flippingbook' plugin v2.0.2 exhibits a generally positive security posture with strong practices in output escaping and a lack of dangerous functions or file operations. The plugin also demonstrates capability checks for its code paths, which is a good security control. However, a significant concern arises from the use of raw SQL queries without prepared statements, indicating a potential for SQL injection vulnerabilities. While the static analysis did not reveal any direct taint flows, the raw SQL usage is a clear risk that should not be overlooked. The plugin has a history of one known medium severity Cross-Site Scripting (XSS) vulnerability, although it is currently patched. This history, combined with the identified raw SQL, suggests a need for continued vigilance and code review to ensure robust protection against common web application attacks.

Key Concerns

Raw SQL queries without prepared statements detected
History of medium severity Cross-Site Scripting (XSS) vulnerability

Vulnerabilities

FlippingBook Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-69019medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

FlippingBook <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

Dec 28, 2025 Patched in 2.0.2 (31d)

Code Analysis

Analyzed Mar 16, 2026

FlippingBook Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

32 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared2 total queries

Output Escaping

100% escaped32 total outputs

Attack Surface

FlippingBook Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[flippingbook] flippingbook.php:65

WordPress Hooks 3

filteroembed_dataparseflippingbook.php:57

actionadmin_initflippingbook.php:66

actionadmin_menuflippingbook.php:67

Maintenance & Trust

FlippingBook Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 26, 2026

PHP min version5.5.0

Downloads61K

Community Trust

Rating80/100

Number of ratings4

Active installs2K

Alternatives

FlippingBook Alternatives

Publuu Flipbook

publuu-flipbook

100

Transform static PDFs into interactive flipbooks and make your WordPress content more engaging.

0 No CVEs

PDF Embedder

pdf-embedder

100

Seamlessly embed PDFs into your content, with customizations and intelligent responsive resizing, and no third-party services or iframes.

300K 1 CVE

Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer

3d-flipbook-dflip-lite

Dear Flipbook creates PDF Flipbook, 3D Flipbook, PDF viewer, PDF embed for WordPress sites. Create impressive and realistic 3D flipbooks with PDFs.

100K 8 CVEs

3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery

interactive-3d-flipbook-powered-physics-engine

3D FlipBook is PDF Viewer, allowing to browse images, PDFs or HTMLs as flipbook. Flipbook attracts user attention and makes more impression on him.

80K 8 CVEs

PDF Poster – Display PDF Files with Custom Viewer

pdf-poster

100

PDF Poster lets you embed PDF files in WordPress using a responsive viewer and block support, including full-screen, download, and print options.

20K 1 CVE

Developer Profile

FlippingBook Developer Profile

FlippingBook

1 plugin · 2K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

31 days

View full developer profile

Detection Fingerprints

How We Detect FlippingBook

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/flippingbook/css/public.css/wp-content/plugins/flippingbook/js/public.js

Version Parameters

flippingbook/css/public.css?ver=flippingbook/js/public.js?ver=

HTML / DOM Fingerprints

CSS Classes

flippingbook-container

Data Attributes

data-fb-versiondata-fb-methoddata-fb-widthdata-fb-heightdata-fb-ratiodata-fb-lightbox+6 more

Shortcode Output

<div class="flippingbook-container"

FAQ