TablePress – Tables in WordPress made easy

Vulnerabilities 12Slug tablepressLatest version 3.3WordPress.org →

Minimum safe version

3.2.5

Update to 3.2.5 or later to address 12 fixable vulnerabilities

Latest available3.3 ✓

Medium 6.1

2026-05-01< 3.0.3

CVE-2024-13362

CVE Wordfence

Medium 6.4

2025-11-04< 3.2.5

CVE-2025-12324

CVE Wordfence

Medium 6.4

2025-08-30< 3.2.1

TablePress <= 3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode_debug Parameter

EUVD Wordfence CVE

Medium 6.4

2025-05-23< 3.1.3

TablePress <= 3.1.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Multiple Parameters

EUVD Wordfence CVE

Medium 6.4

2025-03-27< 3.1

TablePress – Tables in WordPress made easy <= 3.0.4 - Authenticated (Author+) Stored Cross-Site Scripting

EUVD Wordfence Patchstack CVE

High 7.5

2024-10-07< 2.4.3

CVE-2024-45293

CVE Wordfence

Medium 5.4

2024-10-14< 2.4.3

WordPress TablePress Plugin <= 2.4.2 is vulnerable to Cross Site Scripting (XSS)

Patchstack CVE Wordfence

Medium 6.4

2024-06-07< 2.3.2

CVE-2024-4354

CVE Patchstack Wordfence

Medium 4.9

2024-01-31< 2.2.5

TablePress <= 2.2.4 - Authenticated(Author+) Server Side Request Forgery(SSRF) via _get_import_files

Wordfence CVE Patchstack WPScan

N/A

2023-07-18< 2.1.5

WordPress TablePress Plugin < 2.1.5 is vulnerable to Cross Site Scripting (XSS)

Patchstack WPScan CVE

Medium 4.3

2017-11-26< 1.8.1

WordPress TablePress plugin <=1.8 - Authenticated XML External Entity (XXE) vulnerability

Patchstack CVE JVN Wordfence WPScan

Medium 6.8

2020-02-01< 2.0

TablePress <= 1.14 - Authenticated (Author+) CSV Injection

Wordfence CVE