cleantalk
Vulnerabilities and Security Researches

Premium Portfolio Features for Phlox theme, CVE-2023-38399

CVE, Research URL

CVE-2023-38399

Home page URL

Security reports for Premium Portfolio Features for Phlox theme

Application

Premium Portfolio Features for Phlox theme

Published on
May 17, 2024
Research Description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Averta Phlox Portfolio allows PHP Local File Inclusion.This issue affects Phlox Portfolio: from n/a through 2.3.1.
Affected versions
max 2.3.2.
Status
vulnerable
Previous vulnerability researches
Premium Portfolio Features for Phlox theme (CVE-2023-38399) , Jun 07, 2024
Premium Portfolio Features for Phlox theme (CVE-2025-12497) , Dec 10, 2025
Premium Portfolio Features for Phlox theme (CVE-2024-1384) , Aug 29, 2024
Premium Portfolio Features for Phlox theme (CVE-2024-3587) , Jul 17, 2024
New vulnerability
GitHub Gist Shortcode Plugin (CVE-2025-12667) , Dec 12, 2025
Cryptocurrency Payment Gateway for WooCommerce (CVE-2025-12392) , Dec 12, 2025
Wbcom Designs – Private Community for BuddyPress (CVE-2025-67582) , Dec 12, 2025
WP-Walla (CVE-2025-12589) , Dec 12, 2025
Master Addons for Elementor (CVE-2025-63055) , Dec 12, 2025