Genesis Portfolio Beta Security & Risk Analysis

wordpress.org/plugins/genesis-portfolio

DO NOT USE THIS PLUGIN ON A LIVE SITE

10 active installs · v1.3.4 · PHP + · WP 3.2+ · Updated May 28, 2012
minfolioportfolio
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Genesis Portfolio Beta Safe to Use in 2026?

Generally Safe

Score 85/100

Genesis Portfolio Beta has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 13yr ago
Risk Assessment

The genesis-portfolio plugin, version 1.3.4, exhibits a generally positive security posture, with strengths in its minimal attack surface and the absence of known vulnerabilities. The static analysis reveals a controlled entry point through a single shortcode, with no unprotected AJAX handlers or REST API routes. The plugin also demonstrates good practices by utilizing prepared statements for all SQL queries and incorporating nonce and capability checks for its limited interactions. However, a significant concern is the low percentage of properly escaped output (20%). This indicates a potential for cross-site scripting (XSS) vulnerabilities if user-supplied data is not adequately sanitized before being displayed. Furthermore, the presence of one flow with an unsanitized path, though not classified as critical or high severity in the taint analysis, warrants attention as it represents a potential avenue for insecure file operations or path traversal if not handled with extreme care. The plugin's history of zero CVEs is encouraging, suggesting a commitment to security or a lack of past exploitable flaws. Overall, while the plugin has a solid foundation, the insufficient output escaping and the identified unsanitized path are areas that require immediate attention to mitigate potential risks.

Key Concerns

  • Low output escaping percentage
  • Flow with unsanitized path
Vulnerabilities
None known

Genesis Portfolio Beta Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Genesis Portfolio Beta Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 235 (57 escaped)
Nonce Checks: 1
Capability Checks: 4
File Operations: 1
External Requests: 0
Bundled Libraries: 0

Output Escaping

20% escaped · 292 total outputs
Data Flows: 1 unsanitized

Data Flow Analysis

3 flows · 1 with unsanitized paths
cmb_editor_footer_scripts (includes\metaboxes\init.php:496)
Attack Surface

Genesis Portfolio Beta Attack Surface

Entry Points: 1
Unprotected: 0

Shortcodes 1

[post_field] includes\class-portfolio.php:72
WordPress Hooks 62
action after_setup_theme genesis-portfolio.php:61
action widgets_init genesis-portfolio.php:103
action widgets_init genesis-portfolio.php:108
action genesis_settings_sanitizer_init includes\class-portfolio-settings.php:89
action admin_enqueue_scripts includes\class-portfolio-settings.php:92
action admin_init includes\class-portfolio-settings.php:95
action wp_enqueue_scripts includes\class-portfolio-widget.php:76
action admin_print_footer_scripts includes\class-portfolio-widget.php:78
action init includes\class-portfolio.php:59
filter manage_edit-minfolio_portfolio_columns includes\class-portfolio.php:61
action manage_posts_custom_column includes\class-portfolio.php:62
action init includes\class-portfolio.php:64
filter cmb_meta_boxes includes\class-portfolio.php:65
filter genesis_portfolio_metaboxes includes\class-portfolio.php:66
action cmb_render_text_to_editor includes\class-portfolio.php:67
action right_now_content_table_end includes\class-portfolio.php:69
action admin_init includes\class-taxonomies.php:50
action admin_menu includes\class-taxonomies.php:51
action admin_init includes\class-taxonomies.php:52
action admin_notices includes\class-taxonomies.php:53
action init includes\class-taxonomies.php:55
action after_setup_theme includes\functions.php:236
action edit_term includes\functions.php:237
filter body_class includes\functions.php:254
action add_meta_boxes includes\help.php:18
filter cmb_meta_boxes includes\metaboxes\example-functions.php:11
action init includes\metaboxes\example-functions.php:213
action admin_head includes\metaboxes\init.php:83
action admin_menu includes\metaboxes\init.php:86
action save_post includes\metaboxes\init.php:87
filter cmb_show_on includes\metaboxes\init.php:89
filter cmb_show_on includes\metaboxes\init.php:90
action admin_enqueue_scripts includes\metaboxes\init.php:494
action admin_print_footer_scripts includes\metaboxes\init.php:510
filter get_media_item_args includes\metaboxes\init.php:513
filter genesis_site_layout includes\templates\archive-minfolio_portfolio.php:25
action genesis_before_loop includes\templates\archive-minfolio_portfolio.php:28
action genesis_after_loop includes\templates\archive-minfolio_portfolio.php:29
action genesis_before_post_title includes\templates\archive-minfolio_portfolio.php:42
filter post_class includes\templates\archive-minfolio_portfolio.php:45
action genesis_post_content includes\templates\archive-minfolio_portfolio.php:48
action minfolio_portfolio_details includes\templates\archive-minfolio_portfolio.php:49
action genesis_after_post includes\templates\archive-minfolio_portfolio.php:105
action wp_enqueue_scripts includes\templates\archive-minfolio_portfolio.php:107
filter get_the_content_limit_allowedtags includes\templates\archive-minfolio_portfolio.php:127
action genesis_before_loop includes\templates\page_portfolio.php:25
action genesis_after_loop includes\templates\page_portfolio.php:26
action genesis_before_post_title includes\templates\page_portfolio.php:39
filter post_class includes\templates\page_portfolio.php:42
action genesis_post_content includes\templates\page_portfolio.php:45
action genesis_after_post includes\templates\page_portfolio.php:48
filter genesis_pre_get_option_site_layout includes\templates\page_portfolio.php:54
action wp_head includes\templates\page_portfolio.php:55
action wp_enqueue_scripts includes\templates\page_portfolio.php:57
action genesis_loop includes\templates\page_portfolio.php:67
filter get_the_content_limit_allowedtags includes\templates\page_portfolio.php:97
action genesis_before_loop includes\templates\page_portfolio.php:107
filter genesis_pre_get_option_site_layout includes\templates\page_portfolio_widgetized.php:20
action wp_head includes\templates\page_portfolio_widgetized.php:21
filter body_class includes\templates\page_portfolio_widgetized.php:26
action wp_enqueue_scripts includes\templates\page_portfolio_widgetized.php:38
action genesis_loop includes\templates\page_portfolio_widgetized.php:48
Maintenance & Trust

Genesis Portfolio Beta Maintenance & Trust

Maintenance Signals

WordPress version tested: 3.2.1
Last updated: May 28, 2012
PHP min version
Downloads: 2K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10
Developer Profile

Genesis Portfolio Beta Developer Profile

Travis Smith

11 plugins · 2K total installs

Trust score: 86
Avg Security Score: 89/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Genesis Portfolio Beta

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/genesis-portfolio/includes/js/portfolio-admin.js
/wp-content/plugins/genesis-portfolio/includes/css/portfolio-admin.css
Script Paths
/wp-content/plugins/genesis-portfolio/includes/js/portfolio-admin.js

HTML / DOM Fingerprints

CSS Classes
minfolio-portfolio-widget
minfolio-portfolio-settings
HTML Comments
<!-- Genesis Portfolio settings -->
<!-- Genesis Portfolio Post Type Settings -->
<!-- Genesis Portfolio Taxonomies Settings -->
<!-- Genesis Portfolio Archive Settings -->
(+1 more)
Data Attributes
data-mfp-post-type
data-mfp-taxonomy
JS Globals
minfolio_portfolio_admin
Shortcode Output
[genesis_portfolio]
FAQ

Frequently Asked Questions about Genesis Portfolio Beta