cleantalk
Vulnerabilities and Security Researches

Behance Portfolio Manager, CVE-2025-57913

CVE, Research URL

CVE-2025-57913

Home page URL

Security reports for Behance Portfolio Manager

Application

Behance Portfolio Manager

Published on
Sep 23, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eleopard Behance Portfolio Manager portfolio-manager-powered-by-behance allows Stored XSS.This issue affects Behance Portfolio Manager: from n/a through <= 1.7.5.
Affected versions
max 1.8.0.
Status
vulnerable
Previous vulnerability researches
Emails Blacklist for Everest Forms (4e0b8221f9787e16f8849dff3026eadc73126b28) , Jun 07, 2024
New vulnerability
Image Source Control Lite – Show Image Credits and Captions (CVE-2026-4852) , Apr 22, 2026
MailerLite &#8211; WooCommerce integration (CVE-2026-1000) , Apr 22, 2026
Embed Calendly (CVE-2026-0868) , Apr 22, 2026
Product Filter by WBW (CVE-2026-39494) , Apr 22, 2026
Product Filter by WBW (CVE-2026-3830) , Apr 22, 2026