CVE-2026-49069 WordPress WPZOOM Portfolio plugin <= 1.4.21 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPZOOM Portfolio allows Reflected XSS. This issue affects WPZOOM Portfolio: from n/a through 1.4.21...

CVE-2026-32537 WordPress Visual Portfolio, Photo Gallery & Post Grid plugin <= 3.5.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in nK Visual Portfolio, Photo Gallery & Post Grid visual-portfolio allows PHP Local File Inclusion.This issue affects Visual Portfolio, Photo Gallery & Post Grid: from n/a through =...

WordPress Visual Portfolio, Photo Gallery & Post Grid plugin <= 3.5.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Visual Portfolio, Photo Gallery & Post Grid versions = 3.5.1...

CVE-2026-32345

Missing Authorization vulnerability in raratheme Perfect Portfolio perfect-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Perfect Portfolio: from n/a through = 1.2.4...

CVE-2026-27385 WordPress DesignThemes Portfolio plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in designthemes DesignThemes Portfolio designthemes-portfolio allows Reflected XSS.This issue affects DesignThemes Portfolio: from n/a through = 1.3...

CVE-2025-69375 WordPress Portfolio Builder plugin <= 1.2.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in SolverWp Portfolio Builder swp-portfolio allows PHP Local File Inclusion.This issue affects Portfolio Builder: from n/a through = 1.2.5...

CVE-2025-69180

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in themepassion Ultra Portfolio ultra-portfolio allows Blind SQL Injection.This issue affects Ultra Portfolio: from n/a through = 6.7...

CVE-2023-29097

Auth. author+ Stored Cross-Site Scripting XSS vulnerability in a3rev Software a3 Portfolio plugin = 3.1.0 versions...

CVE-2025-68980

CVE-2025-68980 refers to a Missing Authorization vulnerability in the WordPress plugin WeDesignTech Portfolio . The connected Wordfence entry indicates the issue affects the plugin up to version 1.0.2 and is unauthenticated (no user credentials required) due to an authorization check bypass. The ...

WordPress WeDesignTech Portfolio plugin <= 1.0.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WeDesignTech Portfolio versions = 1.0.2...

CVE-2025-67533 WordPress Themify Portfolio Post plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themifyme Themify Portfolio Post themify-portfolio-post allows Stored XSS.This issue affects Themify Portfolio Post: from n/a through = 1.3.0...

CVE-2025-11753

The Bootstrap Multi-language Responsive Portfolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

PT-2025-44938

Name of the Vulnerable Software and Affected Versions Bootstrap Multi-language Responsive Portfolio versions prior to 1.0 Description The Bootstrap Multi-language Responsive Portfolio plugin for WordPress is susceptible to Stored Cross-Site Scripting through admin settings. Insufficient input...

EUVD-2015-6463

Malware in sbrugna...

EUVD-2014-1276

Malware in sbrugna...

EUVD-2012-5397

Malware in sbrugna...

EUVD-2012-1039

Malware in sbrugna...

EUVD-2022-34844

Malicious code in bioql PyPI...

EUVD-2024-34279

Malicious code in bioql PyPI...

EUVD-2022-52085

Malicious code in bioql PyPI...