cleantalk
Vulnerabilities and Security Researches

Portfolio & Image Gallery for WordPress | PowerFolio, CVE-2025-57932

CVE, Research URL

CVE-2025-57932

Home page URL

Security reports for Portfolio & Image Gallery for WordPress | PowerFolio

Application

Portfolio & Image Gallery for WordPress | PowerFolio

Published on
Sep 23, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Diego Pereira PowerFolio portfolio-elementor allows Stored XSS.This issue affects PowerFolio: from n/a through <= 3.2.1.
Affected versions
max 3.2.2.
Status
vulnerable
Previous vulnerability researches
WP Project Manager &#8211; Task, team, and project management plugin featuring kanban board and gantt charts (CVE-2025-3100) , Apr 09, 2025
WP Project Manager &#8211; Task, team, and project management plugin featuring kanban board and gantt charts (CVE-2025-58269) , Apr 24, 2026
WP Project Manager &#8211; Task, team, and project management plugin featuring kanban board and gantt charts (CVE-2023-40003) , Jun 10, 2024
WP Project Manager &#8211; Task, team, and project management plugin featuring kanban board and gantt charts (CVE-2024-10174) , Nov 13, 2024
WP Project Manager &#8211; Task, team, and project management plugin featuring kanban board and gantt charts (CVE-2023-3636) , Jun 07, 2024
New vulnerability
Portfolio &amp; Image Gallery for WordPress | PowerFolio (CVE-2025-57932) , Apr 24, 2026
Bold Page Builder (CVE-2025-7730) , Apr 24, 2026
Flexi &#8211; Guest Submit (CVE-2025-9129) , Apr 24, 2026
Maps for WP (CVE-2025-57952) , Apr 24, 2026
Poll Maker &#8211; Best WordPress Poll Plugin (CVE-2025-57954) , Apr 24, 2026