Ninja Tables – Easy Data Table Builder Security & Risk Analysis

wordpress.org/plugins/ninja-tables

Best WordPress table builder plugin packed with versatile features to create fully responsive data tables of any kind.

80K active installs · v5.2.7 · PHP 7.4+ · WP 6.0+ · Updated Feb 4, 2026
Tags: datatable, spreadsheet, table, table-builder, tables
Score: 92 (A · Safe)
CVEs total: 11
Unpatched: 0
Last CVE: Jan 7, 2026
Safety Verdict

Is Ninja Tables – Easy Data Table Builder Safe to Use in 2026?

Generally Safe

Score 92/100

Ninja Tables – Easy Data Table Builder has a strong security track record. Known vulnerabilities have been patched promptly.

11 known CVEs · Last CVE: Jan 7, 2026 · Updated 1mo ago
Risk Assessment

The plugin "ninja-tables" v5.2.7 exhibits a mixed security posture. While it demonstrates good practices in several areas, such as a high percentage of properly escaped output and prepared SQL statements, several critical concerns are present. The presence of unprotected AJAX handlers directly contributes to the attack surface, as does the use of the dangerous `unserialize` function. Although no critical or high severity taint flows were identified in this analysis, the significant number of flows with unsanitized paths is a warning sign. The plugin's vulnerability history is particularly concerning, with 11 known CVEs, including a high severity vulnerability and numerous medium severity issues. The common vulnerability types point to persistent weaknesses in input validation and authorization. The last vulnerability being in 2026 suggests a potential for ongoing issues if development and security practices are not rigorously maintained. In conclusion, while the plugin shows some strengths in code quality, the historical vulnerability data and identified code-level risks necessitate caution and prompt remediation.

Key Concerns

  • Unprotected AJAX handlers present
  • Use of dangerous unserialize function
  • High number of unsanitized taint flows
  • History of 11 known CVEs
  • History of 1 high severity CVE
  • Bundled TinyMCE library
  • Bundled DataTables library
Vulnerabilities
11

Ninja Tables – Easy Data Table Builder Security Vulnerabilities

CVEs by Year

2021: 1 CVE
2023: 2 CVEs
2024: 3 CVEs
2025: 4 CVEs
2026: 1 CVE

Severity Breakdown

High: 1
Medium: 10

11 total CVEs

CVE-2025-69351 · medium · 6.5 · Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Ninja Tables <= 5.2.4 - Authenticated (Contributor+) SQL Injection
Jan 7, 2026 · Patched in 5.2.5 (7d)

CVE-2025-67519 · medium · 4.9 · Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Ninja Tables <= 5.2.3 - Authenticated (Administrator+) SQL Injection
Dec 15, 2025 · Patched in 5.2.4 (5d)

CVE-2025-2940 · high · 7.2 · Server-Side Request Forgery (SSRF)
Ninja Tables – Easy Data Table Builder <= 5.0.18 - Unauthenticated Server-Side Request Forgery
Jun 26, 2025 · Patched in 5.0.19 (1d)

CVE-2025-2939 · medium · 5.6 · Deserialization of Untrusted Data
Ninja Tables – Easy Data Table Builder <= 5.0.18 - Unauthenticated PHP Object Injection to Limited Remote Code Execution
Jun 2, 2025 · Patched in 5.0.19 (1d)

CVE-2024-12772 · medium · 4.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Ninja Tables – Easy Data Table <= 5.0.16 - Authenticated (Admin+) Stored Cross-Site Scripting
Jan 9, 2025 · Patched in 5.0.17 (42d)

CVE-2024-7304 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Ninja Tables – Easiest Data Table Builder <= 5.0.12 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
Aug 26, 2024 · Patched in 5.0.13 (1d)

CVE-2024-35635 · medium · 5.5 · Server-Side Request Forgery (SSRF)
Ninja Tables – Easiest Data Table Builder <= 5.0.9 - Authenticated (Admin+) Server-Side Request Forgery
May 30, 2024 · Patched in 5.0.10 (7d)

CVE-2024-23504 · medium · 5.3 · Missing Authorization
Ninja Tables <= 5.0.5 - Missing Authorization
Jan 19, 2024 · Patched in 5.0.6 (8d)

CVE-2022-47136 · medium · 4.3 · Cross-Site Request Forgery (CSRF)
Ninja Tables <= 4.3.4 - Cross-Site Request Forgery
Apr 20, 2023 · Patched in 4.3.5 (278d)

CVE-2022-47137 · medium · 4.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Ninja Tables <= 4.3.4 - Authenticated (Administrator+) Stored Cross-Site Scripting via plugin settings
Apr 19, 2023 · Patched in 4.3.5 (279d)

CVE-2021-24900 · medium · 4.8 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Ninja Tables <= 4.1.7 - Admin+ Stored Cross-Site Scripting
Oct 25, 2021 · Patched in 4.1.8 (820d)

Code Analysis
Analyzed Mar 16, 2026

Ninja Tables – Easy Data Table Builder Code Analysis

Dangerous Functions: 2
Raw SQL Queries: 4 (20 prepared)
Unescaped Output: 19 (545 escaped)
Nonce Checks: 3
Capability Checks: 24
File Operations: 11
External Requests: 4
Bundled Libraries: 2

Dangerous Functions Found

unserialize: `$raw_header = @unserialize($rawHeaders->data);` database\Migrations\NinjaTablesSupsysticTableMigration.php:38
unserialize: `$cell = @unserialize($table_row->data);` database\Migrations\NinjaTablesSupsysticTableMigration.php:52

Bundled Libraries

TinyMCE, DataTables

SQL Query Safety

83% prepared · 24 total queries

Output Escaping

97% escaped · 564 total outputs
Data Flows
7 unsanitized

Data Flow Analysis

9 flows · 7 with unsanitized paths
uploadTableCsv (app\Http\Controllers\ImportController.php:61)
Attack Surface
2 unprotected

Ninja Tables – Easy Data Table Builder Attack Surface

Entry Points: 6
Unprotected: 2

AJAX Handlers 3

auth wp_ajax_ninja_tables_dismiss_admin_notices app\Hooks\Handlers\NoticeHandler.php:20
auth wp_ajax_ninja_table_lead_optin app\Modules\Lead\LeadFlow.php:22
auth wp_ajax_ninja_table_review_consent app\Modules\Lead\LeadFlow.php:27

Shortcodes 3

[ninja_table_info] app\Hooks\Handlers\PublicDataHandler.php:23
[ninja_table_cell] app\Hooks\Handlers\PublicDataHandler.php:24
[ninja_table_builder] app\Hooks\Handlers\PublicDataHandler.php:25

WordPress Hooks 34

filter ninja_get_table_columns_public app\Features\ProductComparison.php:11
action ninja_rendering_table_wp_fct app\Features\ProductComparison.php:12
action ninja_tables_before_table_print app\Features\ProductComparison.php:13
action wp_print_scripts app\Hooks\Handlers\AdminMenuHandler.php:409
filter mce_external_plugins app\Hooks\Handlers\EditorBlockHandler.php:25
filter mce_buttons app\Hooks\Handlers\EditorBlockHandler.php:26
action admin_footer app\Hooks\Handlers\EditorBlockHandler.php:27
action admin_notices app\Hooks\Handlers\NoticeHandler.php:19
action ninja_tables_will_render_table app\Hooks\Handlers\PublicDataHandler.php:26
action wp_head app\Hooks\Handlers\PublicDataHandler.php:266
action wp_footer app\Hooks\Handlers\PublicDataHandler.php:304
filter ninja_tables_get_table_default app\Modules\DataProviders\DefaultProvider.php:12
filter ninja_tables_fetching_table_rows_default app\Modules\DataProviders\DefaultProvider.php:13
filter ninja_tables_get_table_fluent-form app\Modules\DataProviders\FluentFormProvider.php:14
filter ninja_tables_get_table_data_fluent-form app\Modules\DataProviders\FluentFormProvider.php:15
filter ninja_tables_fetching_table_rows_fluent-form app\Modules\DataProviders\FluentFormProvider.php:16
filter fluentform_verify_user_permission_fluentform_entries_viewer app\Modules\DataProviders\FluentFormProvider.php:168
filter fluentform_verify_user_permission_fluentform_entries_viewer app\Modules\DataProviders\FluentFormProvider.php:238
action wp_footer app\Modules\DataProviders\NinjaFooTable.php:142
action wp_footer app\Modules\DataProviders\NinjaFooTable.php:524
action wp_footer app\Modules\DataProviders\NinjaFooTable.php:769
action ninja_tables_before_table_print app\Modules\FluentCart\Handlers\FluentCartHandler.php:351
action ninja_tables_after_table_print app\Modules\FluentCart\Handlers\FluentCartHandler.php:354
action enqueue_block_editor_assets app\Modules\Gutenberg\GutenbergModule.php:13
action save_post app\Modules\Gutenberg\GutenbergModule.php:14
filter ninja_tables_show_lead app\Modules\Lead\LeadFlow.php:21
action ninja_table_lead_optin_yes app\Modules\Lead\LeadFlow.php:23
filter ninja_tables_show_review_optin app\Modules\Lead\LeadFlow.php:26
action admin_notices app\Modules\Lead\LeadFlow.php:76
action admin_notices app\Modules\Lead\LeadFlow.php:84
action plugins_loaded boot\app.php:19
action admin_notices boot\app.php:24
filter safe_style_css boot\ninja-tables-global-function.php:351
action shutdown boot\ninja-tables-global-function.php:1193
Maintenance & Trust

Ninja Tables – Easy Data Table Builder Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Feb 4, 2026
PHP min version: 7.4
Downloads: 2.7M

Community Trust

Rating: 92/100
Number of ratings: 469
Active installs: 80K
Developer Profile

Ninja Tables – Easy Data Table Builder Developer Profile

Shahjahan Jewel

17 plugins · 1.3M total installs

Trust score: 73
Avg Security Score: 92/100
Avg Patch Time: 113 days
Detection Fingerprints

How We Detect Ninja Tables – Easy Data Table Builder

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ninja-tables/assets/css/ninja-tables-style.css
/wp-content/plugins/ninja-tables/assets/css/ninja-tables-editor-style.css
/wp-content/plugins/ninja-tables/assets/js/ninja-tables-script.js
/wp-content/plugins/ninja-tables/assets/js/fluent-cart/ninja_table_fct_comparison.js
Version Parameters
ninja-tables/assets/css/ninja-tables-style.css?ver=
ninja-tables/assets/css/ninja-tables-editor-style.css?ver=
ninja-tables/assets/js/ninja-tables-script.js?ver=
ninja-tables/assets/js/fluent-cart/ninja_table_fct_comparison.js?ver=

HTML / DOM Fingerprints

CSS Classes
ninja-tables-wrapper
ninja-tables-container
ninja-bulk-actions-tr
ninja-bulk-actions
ninja-bulk-action-select
ninja-bulk-apply-btn
ninja-compare-header
ninja-compare-checkbox-toggle
Data Attributes
data-table-id
JS Globals
NinjaTablesVersion
Shortcode Output
[ninja_tables id=
FAQ

Frequently Asked Questions about Ninja Tables – Easy Data Table Builder