Portfolio
This hub aggregates every CVE we track for Portfolio, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
5
CVEs tracked
0
Critical
0
High
0
In CISA KEV
Severity distribution
MEDIUM4LOW1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 5 most recently published vulnerabilities affecting Portfolio.
- CVE-2014-125109BestWebSoft Portfolio Plugin bws_menu.php bws_add_menu_render cross site scripting3.5
- CVE-2012-10017BestWebSoft Portfolio Plugin cross-site request forgery4.3
- CVE-2018-18087The Bixie Portfolio plugin 1.2.0 for Pagekit has XSS: a logged-in user who has the "Manage portfolio" privilege can inject arbitrary web script or HTML via the Image URL field in the portfolio edit...5.4
- CVE-2017-2171Cross-site scripting vulnerability in Captcha prior to version 4.3.0, Car Rental prior to version 1.0.5, Contact Form Multi prior to version 1.2.1, Contact Form prior to version 4.0.6, Contact Form...6.1
- CVE-2015-6523Cross-site request forgery (CSRF) vulnerability in the Portfolio plugin before 1.05 for WordPress allows remote attackers to hijack the authentication of administrators for requests that have unspe...6.8
Product normalization is registry-driven with AI assist and human review. How it works