WP-Safety

HT Portfolio – WordPress Portfolio Plugin for Elementor Security & Risk Analysis

wordpress.org/plugins/ht-portfolio

HT Portfolio - WordPress Portfolio Plugin for Elementor

300 active installs v1.1.9 PHP + WP 5.4.1+ Updated Dec 4, 2025
filterable-portfoliogallerymasonary-portfolioportfolioportfolio-gallery
100
A · Safe
CVEs total1
Unpatched0
Last CVEFeb 28, 2023
Plugin page Download
Safety Verdict

Is HT Portfolio – WordPress Portfolio Plugin for Elementor Safe to Use in 2026?

Generally Safe

Score 100/100

HT Portfolio – WordPress Portfolio Plugin for Elementor has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Feb 28, 2023Updated 4mo ago
Risk Assessment

The 'ht-portfolio' plugin v1.1.9 exhibits a generally good security posture based on the provided static analysis. All identified entry points, including AJAX handlers, are protected with authentication checks. The plugin also demonstrates strong adherence to secure coding practices by using prepared statements for all SQL queries and implementing a significant number of nonce and capability checks. Furthermore, the absence of dangerous functions, file operations, external HTTP requests, and taint flows with unsanitized paths are positive indicators.

Key Concerns

  • Output escaping is only 68% proper
  • 1 medium CVE in vulnerability history
Vulnerabilities
1

HT Portfolio – WordPress Portfolio Plugin for Elementor Security Vulnerabilities

CVEs by Year

1 CVE in 2023
2023
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2023-0497medium · 4.3Cross-Site Request Forgery (CSRF)

HT Portfolio <= 1.1.5 - Cross-Site Request Forgery to Arbitrary Plugin Activation

Feb 28, 2023 Patched in 1.1.6 (329d)
Code Analysis
Analyzed Mar 16, 2026

HT Portfolio – WordPress Portfolio Plugin for Elementor Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
112
240 escaped
Nonce Checks
4
Capability Checks
9
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

68% escaped352 total outputs
Attack Surface

HT Portfolio – WordPress Portfolio Plugin for Elementor Attack Surface

Entry Points2
Unprotected0

AJAX Handlers 2

authwp_ajax_cmb2_oembed_handleradmin\cmb2\includes\CMB2_Ajax.php:51
noprivwp_ajax_cmb2_oembed_handleradmin\cmb2\includes\CMB2_Ajax.php:52
WordPress Hooks 61
actionadmin_menuadmin\admin-init.php:17
actionadmin_enqueue_scriptsadmin\class.settings-api.php:30
filterwp_prepare_attachment_for_jsadmin\cmb2\includes\CMB2.php:1549
actionadmin_enqueue_scriptsadmin\cmb2\includes\CMB2.php:1567
actioncmb2_save_options-page_fieldsadmin\cmb2\includes\CMB2_Ajax.php:54
filterget_post_metadataadmin\cmb2\includes\CMB2_Ajax.php:147
filterupdate_post_metadataadmin\cmb2\includes\CMB2_Ajax.php:150
filtercmb2_show_onadmin\cmb2\includes\CMB2_Hookup.php:79
actionedit_form_topadmin\cmb2\includes\CMB2_Hookup.php:115
actionedit_form_before_permalinkadmin\cmb2\includes\CMB2_Hookup.php:119
actionedit_form_after_titleadmin\cmb2\includes\CMB2_Hookup.php:123
actionedit_form_after_editoradmin\cmb2\includes\CMB2_Hookup.php:127
actionadd_meta_boxesadmin\cmb2\includes\CMB2_Hookup.php:131
actionadd_meta_boxesadmin\cmb2\includes\CMB2_Hookup.php:134
actionadd_attachmentadmin\cmb2\includes\CMB2_Hookup.php:135
actionedit_attachmentadmin\cmb2\includes\CMB2_Hookup.php:136
actionsave_postadmin\cmb2\includes\CMB2_Hookup.php:137
actionpre_get_postsadmin\cmb2\includes\CMB2_Hookup.php:144
actionadd_meta_boxes_commentadmin\cmb2\includes\CMB2_Hookup.php:152
actionedit_commentadmin\cmb2\includes\CMB2_Hookup.php:153
filtermanage_edit-comments_columnsadmin\cmb2\includes\CMB2_Hookup.php:156
actionmanage_comments_custom_columnadmin\cmb2\includes\CMB2_Hookup.php:157
filtermanage_edit-comments_sortable_columnsadmin\cmb2\includes\CMB2_Hookup.php:158
actionpre_get_postsadmin\cmb2\includes\CMB2_Hookup.php:159
actionshow_user_profileadmin\cmb2\includes\CMB2_Hookup.php:168
actionedit_user_profileadmin\cmb2\includes\CMB2_Hookup.php:169
actionuser_new_formadmin\cmb2\includes\CMB2_Hookup.php:170
actionpersonal_options_updateadmin\cmb2\includes\CMB2_Hookup.php:172
actionedit_user_profile_updateadmin\cmb2\includes\CMB2_Hookup.php:173
actionuser_registeradmin\cmb2\includes\CMB2_Hookup.php:174
filtermanage_users_columnsadmin\cmb2\includes\CMB2_Hookup.php:177
filtermanage_users_custom_columnadmin\cmb2\includes\CMB2_Hookup.php:178
filtermanage_users_sortable_columnsadmin\cmb2\includes\CMB2_Hookup.php:179
actionpre_get_postsadmin\cmb2\includes\CMB2_Hookup.php:180
actionpre_get_postsadmin\cmb2\includes\CMB2_Hookup.php:226
actioncreated_termadmin\cmb2\includes\CMB2_Hookup.php:230
actionedited_termsadmin\cmb2\includes\CMB2_Hookup.php:231
actiondelete_termadmin\cmb2\includes\CMB2_Hookup.php:232
actioncmb2_do_oembedadmin\cmb2\includes\helper-functions.php:131
filteris_protected_metaadmin\cmb2\includes\rest-api\CMB2_REST.php:144
actioninitadmin\cmb2\init.php:77
filtercmb2_initadmin\htportfolio_custom-metabox.php:5
actioninitadmin\htportfolio_custom-post-type.php:105
actioninitadmin\htportfolio_custom-post-type.php:171
actionadmin_initadmin\plugin-options.php:17
actionadmin_menuadmin\plugin-options.php:18
actioninitadmin\plugin-options.php:19
actionadmin_menuadmin\Recommended_Plugins.php:78
actionadmin_enqueue_scriptsadmin\Recommended_Plugins.php:79
filtersingle_templatehtportfolio.php:29
actionadmin_inithtportfolio.php:92
filterviews_edit-htportfolio_galleryhtportfolio.php:157
actionhtportfolio_gallery_cat_pre_add_formhtportfolio.php:158
filterviews_edit-ht_portfolioshtportfolio.php:219
actionht_portfolios_cat_pre_add_formhtportfolio.php:220
actionwsa_form_bottom_htportfolio_pro_themeshtportfolio.php:223
actionelementor/initincludes\helper-function.php:21
actionelementor/widgets/registerinit.php:14
actionelementor/widgets/widgets_registeredinit.php:16
actionwp_enqueue_scriptsinit.php:35
actioninitinit.php:56
Maintenance & Trust

HT Portfolio – WordPress Portfolio Plugin for Elementor Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 4, 2025
PHP min version
Downloads13K

Community Trust

Rating60/100
Number of ratings4
Active installs300
Alternatives

HT Portfolio – WordPress Portfolio Plugin for Elementor Alternatives

Radius Portfolio – Filterable Grid, Gallery & Slider Portfolio

Radius Portfolio – Filterable Grid, Gallery & Slider Portfolio

tlp-portfolio

A
99

A simple and powerful WordPress portfolio plugin to showcase your creative work beautifully with different ways.

8K 2 CVEs
Creative Portfolio

Creative Portfolio

creative-portfolio

A
85

Creative portfolio for creative people. This plugin Registers a custom post type for portfolio items and display them on a filterable creative grid.

200 No CVEs
Portfolio

Portfolio

tc-portfolio

A
85

Portfolio is a custom post type based Responsive Filterable Portfolio showing plugin. Users can create stunning portfolio WordPress site using Shortc &hellip;

200 No CVEs
Ultimate Portfolio

Ultimate Portfolio

ultimate-portfolio

A
100

Build portfolio galleries with category filters, image sliders, and post grids using Gutenberg blocks.

100 No CVEs
Fancy Grid Portfolio

Fancy Grid Portfolio

fancy-grid-portfolio

A
85

Create portfolio in nice grid format that is animated and filterable with beautiful hover overlay of project title and description.

30 No CVEs
Developer Profile

HT Portfolio – WordPress Portfolio Plugin for Elementor Developer Profile

HT Plugins

23 plugins · 64K total installs

77
trust score
Avg Security Score
97/100
Avg Patch Time
124 days
View full developer profile
Detection Fingerprints

How We Detect HT Portfolio – WordPress Portfolio Plugin for Elementor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ht-portfolio/assets/css/ht-portfolio-public.css/wp-content/plugins/ht-portfolio/assets/css/slick.css/wp-content/plugins/ht-portfolio/assets/css/magnific-popup.css/wp-content/plugins/ht-portfolio/assets/css/owl.carousel.min.css/wp-content/plugins/ht-portfolio/assets/css/elementor.css/wp-content/plugins/ht-portfolio/assets/js/ht-portfolio-public.js/wp-content/plugins/ht-portfolio/assets/js/isotope.pkgd.min.js/wp-content/plugins/ht-portfolio/assets/js/magnific-popup.js+3 more
Script Paths
htportfolio.php
Version Parameters
ht-portfolio/assets/css/ht-portfolio-public.css?ver=ht-portfolio/assets/css/slick.css?ver=ht-portfolio/assets/css/magnific-popup.css?ver=ht-portfolio/assets/css/owl.carousel.min.css?ver=ht-portfolio/assets/css/elementor.css?ver=ht-portfolio/assets/js/ht-portfolio-public.js?ver=ht-portfolio/assets/js/isotope.pkgd.min.js?ver=ht-portfolio/assets/js/magnific-popup.js?ver=ht-portfolio/assets/js/slick.min.js?ver=ht-portfolio/assets/js/owl.carousel.min.js?ver=ht-portfolio/assets/js/custom.js?ver=

HTML / DOM Fingerprints

CSS Classes
ht-portfolio-grid-wrapht-portfolio-single-contentelementor-ht-portfoliohtportfolio-gallery-wraphtportfolio-carousel-wraphtportfolio-filter-wrap
HTML Comments
<!-- HT Portfolio Single Template Start --><!-- HT Portfolio Single Template End --><!-- HT Portfolio Gallery Tabs --><!-- HT Portfolio Tabs -->
Data Attributes
data-portfolio-filterdata-filter-groupdata-filter
JS Globals
ht_portfolio_publicht_portfolio_masonry_layoutht_portfolio_carousel_layoutht_portfolio_filter_layout
Shortcode Output
[ht_portfolio][ht_portfolio_gallery][ht_portfolio_carousel]
FAQ

Frequently Asked Questions about HT Portfolio – WordPress Portfolio Plugin for Elementor