Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

portfoliohub — Vulnerabilities & Security Advisories 4

Browse all 4 CVE security advisories affecting portfoliohub. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Portfoliohub serves as a centralized platform for managing digital assets and security documentation. Historically, the application has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its four recorded CVEs. These vulnerabilities often stem from insufficient input validation and improper access controls. While no major public security incidents have been widely reported, the consistent pattern of critical vulnerabilities suggests potential risks for organizations relying on the platform for sensitive asset management. Organizations implementing Portfoliohub should prioritize timely patching and hardening to mitigate these recurring security concerns.

Top products by portfoliohub: WordPress Portfolio Builder – Portfolio Gallery
CVE IDTitleCVSSSeverityPublished
CVE-2025-1757 WordPress Portfolio Builder – Portfolio Gallery <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — WordPress Portfolio Builder – Portfolio GalleryCWE-79 6.4 Medium2025-02-28
CVE-2024-13231 WordPress Portfolio Builder – Portfolio Gallery <= 1.1.7 - Missing Authorization to Unauthenticated Portfolio Update — WordPress Portfolio Builder – Portfolio GalleryCWE-862 5.3 Medium2025-02-19
CVE-2024-53788 WordPress WordPress Portfolio Builder – Portfolio Gallery plugin <= 1.1.7 - Cross Site Scripting (XSS) vulnerability — WordPress Portfolio Builder – Portfolio GalleryCWE-79 5.9 Medium2024-11-30
CVE-2024-49302 WordPress WordPress Portfolio Builder – Portfolio Gallery plugin <= 1.1.7 - Cross Site Scripting (XSS) vulnerability — WordPress Portfolio Builder – Portfolio GalleryCWE-79 6.5 Medium2024-10-17

This page lists every published CVE security advisory associated with portfoliohub. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.