cleantalk
Vulnerabilities and Security Researches

WordPress Portfolio Builder – Portfolio Gallery, CVE-2024-49302

CVE, Research URL

CVE-2024-49302

Home page URL

Security reports for WordPress Portfolio Builder – Portfolio Gallery

Application

WordPress Portfolio Builder – Portfolio Gallery

Published on
Oct 18, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Portfoliohub WordPress Portfolio Builder – Portfolio Gallery allows Stored XSS.This issue affects WordPress Portfolio Builder – Portfolio Gallery: from n/a through 1.1.7.
Affected versions
Min -, max 1.1.7.
Status
vulnerable
Previous vulnerability researches
WordPress Portfolio Builder – Portfolio Gallery (CVE-2024-49302) , Oct 19, 2024
WordPress Portfolio Builder – Portfolio Gallery (CVE-2024-13231) , Feb 21, 2025
WordPress Portfolio Builder – Portfolio Gallery (CVE-2024-53788) , Dec 03, 2024
WordPress Portfolio Builder – Portfolio Gallery (CVE-2025-1757) , May 14, 2025
New vulnerability
Lead Form Data Collection to CRM (CVE-2025-47690) , May 14, 2025
WordPress Portfolio Builder – Portfolio Gallery (CVE-2025-1757) , May 14, 2025
LiteSpeed Cache (CVE-2025-47437) , May 14, 2025
Frontend Dashboard (CVE-2025-4474) , May 14, 2025
Frontend Dashboard (CVE-2025-4473) , May 14, 2025