cleantalk
Vulnerabilities and Security Researches

Portfolio and Projects, CVE-2025-67470

CVE, Research URL

CVE-2025-67470

Home page URL

Security reports for Portfolio and Projects

Application

Portfolio and Projects

Published on
Dec 09, 2025
Research Description
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Essential Plugin Portfolio and Projects portfolio-and-projects allows Retrieve Embedded Sensitive Data.This issue affects Portfolio and Projects: from n/a through <= 1.5.5.
Affected versions
max 1.5.5.
Status
vulnerable
Previous vulnerability researches
Portfolio and Projects (CVE-2024-13847) , Mar 15, 2025
Portfolio and Projects (1e5ab0d376bb286eb9f3c02b0bc3818f419fb17d) , Jun 07, 2024
Portfolio and Projects (CVE-2023-39995) , Jun 10, 2024
Portfolio and Projects (CVE-2025-67470) , Dec 11, 2025
Portfolio and Projects (CVE-2026-6443) , Apr 23, 2026
New vulnerability
WP Mailgun SMTP (CVE-2025-59003) , Apr 24, 2026
TP Woocommerce Product Gallery (CVE-2025-5092) , Apr 24, 2026
Gallery with thumbnail slider (CVE-2025-5092) , Apr 24, 2026
Featured Post Creative (CVE-2026-6443) , Apr 24, 2026
Google PageRank Display (CVE-2026-6294) , Apr 24, 2026