WP Data Access – App Builder for Tables, Forms, Charts, Maps & Dashboards

Vulnerabilities 12Slug wp-data-accessLatest version 5.5.72WordPress.org →

Minimum safe version

5.5.64

Update to 5.5.64 or later to address 12 fixable vulnerabilities

Latest available5.5.72 ✓

Medium 6.1

2026-05-01< 5.5.32

CVE-2024-13362

CVE Wordfence

N/A

2026-02-13< 5.5.64

WP Data Access <= 5.5.63 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'wpda_app' Shortcode

Wordfence CVE

Medium 6.5

2025-04-16< 5.5.37

CVE-2025-39582

CVE EUVD Wordfence

High 7.5

2024-12-25< 5.5.23

CVE-2024-12428

CVE Wordfence Patchstack

Medium 6.3

2024-10-16< 5.1.4

Freemius SDK <= 2.4.2 - Missing Authorization Checks

CVE

Medium 4.3

2024-08-26< 5.5.9

CVE-2024-43295

CVE Patchstack Wordfence

N/A

2023-07-18< 5.3.11

WordPress WP Data Access Plugin < 5.3.11 is vulnerable to Cross Site Scripting (XSS)

Patchstack WPScan CVE

High 8.8

2023-04-12< 5.3.8

CVE-2023-1874

CVE Patchstack Wordfence WPScan

N/A

2022-03-04< 5.1.4

Freemius SDK <= 2.4.2 - Missing Authorization Checks

Wordfence

N/A

2022-02-28< 5.1.4

WordPress WP Data Access plugin < 5.1.4 - Sensitive Information Disclosure vulnerability

Patchstack

N/A

2022-02-28< 5.1.4

WordPress WP Data Access plugin < 5.1.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack

Critical 9.8

2021-12-06< 5.1.4

CVE-2021-24866

CVE Patchstack Wordfence WPScan