CVE-2025-63067

Missing Authorization vulnerability in p-themes Porto Theme - Functionality porto-functionality allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Porto Theme - Functionality: from n/a through 3.7.3...

CVE-2025-63066

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in p-themes Porto Theme - Functionality porto-functionality allows Stored XSS.This issue affects Porto Theme - Functionality: from n/a through 3.7.3...

EUVD-2025-201963

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in p-themes Porto Theme - Functionality porto-functionality allows Stored XSS.This issue affects Porto Theme - Functionality: from n/a through = 3.6.2...

PT-2025-50066

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in p-themes Porto Theme - Functionality porto-functionality allows Stored XSS.This issue affects Porto Theme - Functionality: from n/a through = 3.6.2...

EUVD-2023-52771

Malicious code in bioql PyPI...

CVE-2023-48738

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Porto Theme Porto Theme - Functionality.This issue affects Porto Theme - Functionality: from n/a before 2.12.1...

WordPress plugin Porto Theme - Functionality 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability i...

PT-2025-1549 · Unknown · Porto Theme - Functionality

Name of the Vulnerable Software and Affected Versions: Porto Theme - Functionality versions prior to 2.12.1 Description: The issue is related to a missing authorization vulnerability in Porto Theme - Functionality, which allows exploiting incorrectly configured access control security levels...

CVE-2024-3808

The Porto Theme – Functionality plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.0 via the ‘portoportfolios’ shortcode ‘portfoliolayout’ attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions,...

CVE-2023-48738

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Porto Theme Porto Theme - Functionality.This issue affects Porto Theme - Functionality: from n/a before 2.12.1...

CVE-2023-48738

CVE-2023-48738 affects the Porto Theme – Functionality plugin for WordPress. The vulnerability is an SQL Injection caused by improper neutralization of specific elements, exploitable by an unauthenticated attacker. The issue applies to Porto Theme – Functionality versions before 2.12.1. Impact is...

Porto Theme - Functionality < 2.12.1 - Missing Authorization

Description The Porto Theme - Functionality plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on an unknown function in versions up to, and including, 2.11.1. This makes it possible for unauthenticated attackers to perform an unauthorized...

WordPress Porto Theme - Functionality Plugin < 2.12.1 is vulnerable to SQL Injection

Software Porto Theme - Functionality Type Plugin Vulnerable versions 2.12.1 Fixed in 2.12.1 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-48738 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 5a7e2b4a3331 Credits Rafie Muhammad Patchstack Required...