WP-Safety

B Portfolio Security & Risk Analysis

wordpress.org/plugins/bportfolio

Build and display Portfolios/Projects on your site. Professionally present your Skill.

10 active installs v1.0.1 PHP 7.1+ WP 5.7+ Updated Feb 17, 2025
blockportfolioprojectsshowcasewidget
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is B Portfolio Safe to Use in 2026?

Generally Safe

Score 92/100

B Portfolio has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The "bportfolio" plugin v1.0.1 demonstrates a generally strong security posture based on the provided static analysis. A significant strength is the complete absence of critical or high-severity taint flows, along with the use of prepared statements for all SQL queries and a considerable number of nonce and capability checks. The plugin also has no recorded vulnerabilities or CVEs, suggesting a mature and stable codebase.

However, there are areas for improvement. While the overall output escaping is high (73%), a portion of outputs remain unescaped, which could present a risk of cross-site scripting (XSS) vulnerabilities if user-supplied data reaches these outputs without proper sanitization. The presence of 5 AJAX handlers, even though protected by authentication checks, contributes to the attack surface. The absence of any bundled libraries is a positive, as it avoids potential vulnerabilities from outdated third-party code.

In conclusion, the "bportfolio" plugin appears to be developed with security in mind, evidenced by its clean vulnerability history and the implementation of secure coding practices like prepared statements and authentication checks. The primary area of concern is the unescaped output, which warrants further investigation to ensure no sensitive data is exposed. The plugin's overall security is good, but minor enhancements in output sanitization would further solidify its robust security.

Key Concerns

  • Percentage of output not properly escaped
Vulnerabilities
None known

B Portfolio Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

B Portfolio Release Timeline

v1.0.1Current
v1.0.0
Code Analysis
Analyzed Mar 17, 2026

B Portfolio Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
2 prepared
Unescaped Output
205
541 escaped
Nonce Checks
10
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared2 total queries

Output Escaping

73% escaped746 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

3 flows
csf_export (inc\codestar\functions\actions.php:62)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

B Portfolio Attack Surface

Entry Points6
Unprotected0

AJAX Handlers 5

authwp_ajax_csf-get-iconsinc\codestar\functions\actions.php:50
authwp_ajax_csf-exportinc\codestar\functions\actions.php:87
authwp_ajax_csf-importinc\codestar\functions\actions.php:123
authwp_ajax_csf-resetinc\codestar\functions\actions.php:150
authwp_ajax_csf-choseninc\codestar\functions\actions.php:189

Shortcodes 1

[bPortfolio] bportfolio.php:211
WordPress Hooks 55
actionadmin_enqueue_scriptsadmin\ads\submenu.php:9
actionadmin_menuadmin\ads\submenu.php:16
actionplugins_loadedbportfolio.php:27
actionwp_enqueue_scriptsbportfolio.php:63
actionadmin_enqueue_scriptsbportfolio.php:74
actioninitbportfolio.php:276
actioninitbportfolio.php:311
filtersingle_templatebportfolio.php:314
filteradmin_post_thumbnail_htmlbportfolio.php:328
filterpost_row_actionsbportfolio.php:362
actionadmin_head-post.phpbportfolio.php:381
actionadmin_head-post-new.phpbportfolio.php:382
filterpost_updated_messagesbportfolio.php:394
filtergettextbportfolio.php:399
filteradmin_footer_textbportfolio.php:413
actionedit_form_after_titlebportfolio.php:427
filtermanage_shortcode-generator_posts_columnsbportfolio.php:449
actionmanage_shortcode-generator_posts_custom_columnbportfolio.php:450
actionadmin_initbportfolio.php:479
actionwp_enqueue_scriptsinc\codestar\classes\abstract.class.php:20
actionadmin_menuinc\codestar\classes\admin-options.class.php:106
actionadmin_bar_menuinc\codestar\classes\admin-options.class.php:107
actionnetwork_admin_menuinc\codestar\classes\admin-options.class.php:111
filteradmin_footer_textinc\codestar\classes\admin-options.class.php:487
actioncustomize_registerinc\codestar\classes\customize-options.class.php:43
actioncustomize_save_afterinc\codestar\classes\customize-options.class.php:44
actionwp_enqueue_scriptsinc\codestar\classes\customize-options.class.php:48
actionadd_meta_boxesinc\codestar\classes\metabox-options.class.php:50
actionsave_postinc\codestar\classes\metabox-options.class.php:51
actionedit_attachmentinc\codestar\classes\metabox-options.class.php:52
actionwp_nav_menu_item_custom_fieldsinc\codestar\classes\nav-menu-options.class.php:30
actionwp_update_nav_menu_iteminc\codestar\classes\nav-menu-options.class.php:31
filterwp_edit_nav_menu_walkerinc\codestar\classes\nav-menu-options.class.php:33
actionafter_setup_themeinc\codestar\classes\setup.class.php:53
actioninitinc\codestar\classes\setup.class.php:54
actionswitch_themeinc\codestar\classes\setup.class.php:55
actionadmin_enqueue_scriptsinc\codestar\classes\setup.class.php:56
actionwp_enqueue_scriptsinc\codestar\classes\setup.class.php:57
actionwp_headinc\codestar\classes\setup.class.php:58
filteradmin_body_classinc\codestar\classes\setup.class.php:59
actionadmin_footerinc\codestar\classes\shortcode-options.class.php:47
actioncustomize_controls_print_footer_scriptsinc\codestar\classes\shortcode-options.class.php:48
actionelementor/editor/before_enqueue_scriptsinc\codestar\classes\shortcode-options.class.php:57
actionelementor/editor/footerinc\codestar\classes\shortcode-options.class.php:58
actionelementor/editor/footerinc\codestar\classes\shortcode-options.class.php:59
actionenqueue_block_editor_assetsinc\codestar\classes\shortcode-options.class.php:299
actionmedia_buttonsinc\codestar\classes\shortcode-options.class.php:303
actionadmin_initinc\codestar\classes\taxonomy-options.class.php:41
actionadmin_footerinc\codestar\fields\icon\icon.php:41
actioncustomize_controls_print_footer_scriptsinc\codestar\fields\icon\icon.php:42
actionadmin_print_footer_scriptsinc\codestar\fields\link\link.php:65
actionprint_default_editor_scriptsinc\codestar\fields\wp_editor\wp_editor.php:62
actionadmin_menuinc\codestar\views\welcome.php:19
filterplugin_action_linksinc\codestar\views\welcome.php:20
filterplugin_row_metainc\codestar\views\welcome.php:21
Maintenance & Trust

B Portfolio Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedFeb 17, 2025
PHP min version7.1
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

B Portfolio Alternatives

Portfolio Block – The Ultimate Project & Portfolio Builder

Portfolio Block – The Ultimate Project & Portfolio Builder

portfolio-block

A
100

Portfolio Block helps you create and display modern, responsive portfolios with multiple layouts, filters, and full design control.

700 No CVEs
Project Showcase – A WordPress Plugin to Display Projects in Various Layouts

Project Showcase – A WordPress Plugin to Display Projects in Various Layouts

gs-projects

A
99

Introducing a WordPress plugin that enables users to display their projects in a variety of layouts through a project showcase.

200 1 CVE
Portfolio X

Portfolio X

portfolio-x

A
100

Portfolio X is a responsive portfolio gallery plugin for project portfolio with unique photo gallery styles, portfolio widgets and project showcase.

200 No CVEs
Portfolio Pro Advance

Portfolio Pro Advance

portfolio-pro-advance

A
100

Advanced portfolio management with multiple layouts and pro features.

0 No CVEs
Project Showcase by Gravth

Project Showcase by Gravth

project-showcase-by-gravth

A
100

A lightweight and customizable portfolio showcase plugin to display your projects in a grid with live preview and snippet modes.

0 No CVEs
Developer Profile

B Portfolio Developer Profile

iflairwebtechnologies

15 plugins · 990 total installs

92
trust score
Avg Security Score
97/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect B Portfolio

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/bportfolio/public/css/font-awesome-all.css/wp-content/plugins/bportfolio/public/css/owl.css/wp-content/plugins/bportfolio/public/css/bootstrap-grid.min.css/wp-content/plugins/bportfolio/public/css/jquery.fancybox.min.css/wp-content/plugins/bportfolio/public/css/animate.css/wp-content/plugins/bportfolio/public/css/style.css/wp-content/plugins/bportfolio/public/js/owl.js/wp-content/plugins/bportfolio/public/js/wow.js+5 more
Script Paths
/wp-content/plugins/bportfolio/public/js/owl.js/wp-content/plugins/bportfolio/public/js/wow.js/wp-content/plugins/bportfolio/public/js/jquery.fancybox.js/wp-content/plugins/bportfolio/public/js/isotope.js/wp-content/plugins/bportfolio/public/js/script.js
Version Parameters
bportfolio/style.css?ver=bportfolio/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
portfolio-sectionsortable-masonryfilter-tabsfilter-btnsmasonry-itemportfolio-block-oneimage-boxcontent-box
Data Attributes
data-roledata-filter
Shortcode Output
<section class="portfolio-section"<div class="filters"<ul class="filter-tabs filter-btns<li class="filter" data-role="button" data-filter=".all">All</li>
FAQ

Frequently Asked Questions about B Portfolio