WP-Safety

WP Table Pixie Security & Risk Analysis

wordpress.org/plugins/wp-table-pixie

Search, sort, view and edit your settings and metadata, even serialized and base64 encoded values.

20 active installs v1.3.1 PHP 7.0+ WP 5.5+ Updated Dec 1, 2025
editmetadataoptionssearchsort
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WP Table Pixie Safe to Use in 2026?

Generally Safe

Score 100/100

WP Table Pixie has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The wp-table-pixie plugin v1.3.1 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and properly escaping a high percentage of its outputs. The absence of file operations, external HTTP requests, and known historical vulnerabilities also contributes to a relatively stable foundation. However, significant security concerns arise from its attack surface. The presence of four AJAX handlers without any authentication or capability checks represents a critical weakness, potentially allowing unauthorized users to trigger plugin functionalities. Furthermore, the use of the `unserialize` function, especially in conjunction with data processed from external sources without proper sanitization, poses a risk of remote code execution or denial of service vulnerabilities. While taint analysis did not reveal critical or high severity issues, the identified flows with unsanitized paths, combined with the `unserialize` function and unprotected AJAX endpoints, suggest that these could be potential vectors for exploitation.

Key Concerns

  • Unprotected AJAX handlers
  • Use of unserialize function
  • Flows with unsanitized paths
  • Missing capability checks on AJAX
Vulnerabilities
None known

WP Table Pixie Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

WP Table Pixie Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
5 prepared
Unescaped Output
10
75 escaped
Nonce Checks
4
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

unserializereturn @unserialize( $data, array( 'allowed_classes' => false ) );includes\class-table-pixie-data-format.php:337

SQL Query Safety

100% prepared5 total queries

Output Escaping

88% escaped85 total outputs
Data Flows
3 unsanitized

Data Flow Analysis

7 flows3 with unsanitized paths
ajax_records (admin\class-table-pixie-admin-edit.php:785)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
4 unprotected

WP Table Pixie Attack Surface

Entry Points4
Unprotected4

AJAX Handlers 4

authwp_ajax_table_pixie_toggle_truncateincludes\class-table-pixie.php:139
authwp_ajax_table_pixie_toggle_remember_searchincludes\class-table-pixie.php:140
authwp_ajax_table_pixie_admin_edit_recordsincludes\class-table-pixie.php:166
authwp_ajax_table_pixie_admin_edit_toggle_delete_protectedincludes\class-table-pixie.php:167
WordPress Hooks 31
filterscreen_settingsadmin\class-table-pixie-admin-edit.php:170
filterscreen_settingsadmin\class-table-pixie-admin.php:115
filterlist_table_primary_columnincludes\class-table-pixie-list-table.php:27
actionplugins_loadedincludes\class-table-pixie.php:109
actionadmin_enqueue_scriptsincludes\class-table-pixie.php:119
actionadmin_enqueue_scriptsincludes\class-table-pixie.php:120
actioninitincludes\class-table-pixie.php:122
actionnetwork_admin_menuincludes\class-table-pixie.php:125
actionadmin_menuincludes\class-table-pixie.php:127
actiontable_pixie_admin_page_hookedincludes\class-table-pixie.php:129
filterset-screen-optionincludes\class-table-pixie.php:130
filtertable_pixie_get_query_stringincludes\class-table-pixie.php:132
filtertable_pixie_get_countincludes\class-table-pixie.php:133
filtertable_pixie_get_itemincludes\class-table-pixie.php:134
filtertable_pixie_column_displayincludes\class-table-pixie.php:136
filtertable_pixie_column_row_actionsincludes\class-table-pixie.php:137
filtertable_pixie_extra_tablenavincludes\class-table-pixie.php:138
actionadded_user_metaincludes\class-table-pixie.php:141
actionupdated_user_metaincludes\class-table-pixie.php:142
filtertable_pixie_format_row_actionsincludes\class-table-pixie.php:147
actionadmin_enqueue_scriptsincludes\class-table-pixie.php:152
actionadmin_enqueue_scriptsincludes\class-table-pixie.php:153
actionadmin_footerincludes\class-table-pixie.php:154
actionadmin_noticesincludes\class-table-pixie.php:155
actionnetwork_admin_noticesincludes\class-table-pixie.php:156
actiontable_pixie_admin_page_hookedincludes\class-table-pixie.php:158
filtertable_pixie_admin_titleincludes\class-table-pixie.php:159
filtertable_pixie_set_help_tabsincludes\class-table-pixie.php:160
filtertable_pixie_get_bulk_actionsincludes\class-table-pixie.php:162
actiontable_pixie_process_actionincludes\class-table-pixie.php:163
filtertable_pixie_column_row_actionsincludes\class-table-pixie.php:164
Maintenance & Trust

WP Table Pixie Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 1, 2025
PHP min version7.0
Downloads4K

Community Trust

Rating0/100
Number of ratings0
Active installs20
Alternatives

WP Table Pixie Alternatives

Themify – WooCommerce Product Filter

Themify – WooCommerce Product Filter

themify-wc-product-filter

A
86

This plugin helps shoppers quickly find products in your WooCommerce shop by filtering through price, categories, attributes, tags, and more.

20K 6 CVEs
FV Clone Screen Options

FV Clone Screen Options

fv-clone-screen-options

A
92

Simple plugin which lets you manage Screen Options of all the users on your blog.

2K No CVEs
Search and Replace for Block Editor

Search and Replace for Block Editor

search-replace-for-block-editor

A
100

Search and Replace text within the WordPress Block Editor just like Microsoft Word or Google Docs. It's super fast, easy & just works!

2K No CVEs
Better Internal Link Search

Better Internal Link Search

better-internal-link-search

A
85

Improve the internal link popup manager with time-saving enhancements and features.

1K No CVEs
Dropdown multisite selector

Dropdown multisite selector

dropdown-multisite-selector

A
91

Gives you the resources to make select field with redirecting options to a given URLs.

1K 2 CVEs
Developer Profile

WP Table Pixie Developer Profile

ianmjones

2 plugins · 40 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect WP Table Pixie

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-table-pixie/admin/bootstrap/css/bootstrap.css/wp-content/plugins/wp-table-pixie/admin/css/table-pixie-admin-edit.css/wp-content/plugins/wp-table-pixie/admin/bootstrap/js/bootstrap.js/wp-content/plugins/wp-table-pixie/admin/js/table-pixie-admin-edit.js
Script Paths
/wp-content/plugins/wp-table-pixie/admin/bootstrap/js/bootstrap.js/wp-content/plugins/wp-table-pixie/admin/js/table-pixie-admin-edit.js
Version Parameters
wp-table-pixie/admin/bootstrap/css/bootstrap.css?ver=wp-table-pixie/admin/css/table-pixie-admin-edit.css?ver=wp-table-pixie/admin/bootstrap/js/bootstrap.js?ver=wp-table-pixie/admin/js/table-pixie-admin-edit.js?ver=

HTML / DOM Fingerprints

CSS Classes
delete-protected-tog
Data Attributes
TablePixieAdminEdit.showEdit(
JS Globals
TablePixieAdminEdit
FAQ

Frequently Asked Questions about WP Table Pixie