cleantalk
Vulnerabilities and Security Researches

Portfolio and Projects, CVE-2023-39995

CVE, Research URL

CVE-2023-39995

Home page URL

Security reports for Portfolio and Projects

Application

Portfolio and Projects

Published on
Dec 13, 2024
Research Description
Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Portfolio and Projects allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio and Projects: from n/a through 1.3.7.
Affected versions
Min -, max 1.3.8.
Status
vulnerable
Previous vulnerability researches
Portfolio and Projects (CVE-2024-13847) , Mar 15, 2025
Portfolio and Projects (1e5ab0d376bb286eb9f3c02b0bc3818f419fb17d) , Jun 07, 2024
Portfolio and Projects (CVE-2023-39995) , Jun 10, 2024
Portfolio and Projects (CVE-2023-40200) , Jun 10, 2024
New vulnerability
Arconix Shortcodes (CVE-2025-49858) , Jun 19, 2025
Responsive Starter Templates – Elementor & WordPress Templates (CVE-2025-49856) , Jun 19, 2025
WP VR – 360 Panorama and Virtual Tour Builder For WordPress (CVE-2025-47452) , Jun 19, 2025
myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin (CVE-2025-49872) , Jun 19, 2025
myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin (CVE-2025-49857) , Jun 19, 2025