Pricing Table builder – Price List Security & Risk Analysis

wordpress.org/plugins/wpdevart-pricing-table

WordPress Pricing Table is a great plugin for creating beautiful pricing tables for your website. Use our plugin themes and create beautiful spreadshe …

100 active installs · v1.5.3 · PHP + WP 3.4.0+ · Updated Feb 2, 2026
Tags: comparison-tables, price-list, price-table, pricing-table, responsive-pricing-table
Score: 78 (B · Generally Safe)
CVEs total: 1
Unpatched: 1
Last CVE: Jun 29, 2025
Safety Verdict

Is Pricing Table builder – Price List Safe to Use in 2026?

Mostly Safe

Score 78/100

Pricing Table builder – Price List is generally safe to use. 1 past CVE was resolved. Keep it updated.

1 known CVE · 1 unpatched · Last CVE: Jun 29, 2025 · Updated 1mo ago
Risk Assessment

The wpdevart-pricing-table plugin version 1.5.3 exhibits a concerning security posture due to several critical weaknesses identified in the static analysis and taint analysis. While the plugin avoids dangerous functions and file operations, its handling of AJAX requests and output escaping is problematic. Specifically, one AJAX handler lacks authentication checks, creating a direct entry point for unauthenticated users. Furthermore, a significant portion of output (78%) is not properly escaped, increasing the risk of cross-site scripting (XSS) vulnerabilities. The taint analysis revealing four high-severity flows with unsanitized paths further amplifies these concerns, suggesting potential for data manipulation or injection attacks. The plugin's vulnerability history, including one unpatched medium-severity CVE related to CSRF, indicates a pattern of security issues that require attention. Although the plugin does not bundle libraries, the identified vulnerabilities and poor sanitization practices present a notable risk.

Key Concerns

  • Unprotected AJAX handler
  • High severity taint flows with unsanitized paths
  • Low percentage of properly escaped output
  • Missing nonce checks on AJAX
  • Unpatched medium severity CVE
Vulnerabilities: 1

Pricing Table builder – Price List Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched

Severity Breakdown

Medium: 1

1 total CVE

CVE-2025-62886 · medium · 4.3 · Cross-Site Request Forgery (CSRF)

Pricing Table builder <= 1.5.1 - Cross-Site Request Forgery

Jun 29, 2025 · Unpatched
Code Analysis
Analyzed Mar 16, 2026

Pricing Table builder – Price List Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 12 (9 prepared)
Unescaped Output: 214 (59 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

43% prepared · 21 total queries

Output Escaping

22% escaped · 273 total outputs

Data Flows: 5 unsanitized

Data Flow Analysis

5 flows · 5 with unsanitized paths
<wpdevart_library> (includes\wpdevart_library.php:0)

Attack Surface: 1 unprotected

Pricing Table builder – Price List Attack Surface

Entry Points: 2
Unprotected: 1

AJAX Handlers: 1

auth · wp_ajax_wpda_pricing_table_post_page_content · includes\admin\admin.php:22

Shortcodes: 1

[wpdevart_pricing_table] · includes\frontend\front_end.php:13

WordPress Hooks: 10

action · admin_menu · includes\admin\admin.php:18
filter · mce_external_plugins · includes\admin\admin.php:20
filter · mce_buttons · includes\admin\admin.php:21
action · wp_default_scripts · includes\admin\admin.php:24
action · init · includes\admin\gutenberg\gutenberg.php:11
filter · wp_head · includes\frontend\front_end.php:12
filter · posts_fields · includes\wpdevart_library.php:416
filter · pages_fields · includes\wpdevart_library.php:417
action · init · wpdevart-pricing-table.php:59
action · init · wpdevart-pricing-table.php:60

Maintenance & Trust

Pricing Table builder – Price List Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Feb 2, 2026
PHP min version
Downloads: 15K

Community Trust

Rating: 60/100
Number of ratings: 2
Active installs: 100

Developer Profile

Pricing Table builder – Price List Developer Profile

wpdevart

45 plugins · 52K total installs

Trust score: 78
Avg Security Score: 99/100
Avg Patch Time: 581 days

Detection Fingerprints

How We Detect Pricing Table builder – Price List

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wpdevart-pricing-table/includes/admin/css/fontawesome.css
/wp-content/plugins/wpdevart-pricing-table/includes/admin/gutenberg/style.css
/wp-content/plugins/wpdevart-pricing-table/includes/admin/gutenberg/block.js

Script Paths
/wp-content/plugins/wpdevart-pricing-table/includes/admin/gutenberg/block.js

Version Parameters
wpdevart-pricing-table/includes/admin/gutenberg/block.js?ver=
wpdevart-pricing-table/includes/admin/gutenberg/style.css?ver=

HTML / DOM Fingerprints

CSS Classes
wpdevart-pricing-table
wpda_pricing_table_menu
wpda_pricing_table_themes
wpda_pricing_table_featured_plugins
wpda_pricing_table_featured_themes
wpda_pricing_table_hire_expert

Data Attributes
data-wpdevart-pricing-table-id
data-post-id

JS Globals
wpdevart_pricing_table_plugin_url
wpda_pricing_table_id
wpda_pricing_table_editor_data
wpda_pricing_table_nonce

REST Endpoints
/wp-json/wpdevart-pricing-table/v1/get-pricing-tables
/wp-json/wpdevart-pricing-table/v1/get-pricing-table-by-id

Shortcode Output
[wpdevart_pricing_table id="
wpdevart_pricing_table_shortcode

FAQ

Frequently Asked Questions about Pricing Table builder – Price List