Does Portfolio Toolkit have any unpatched vulnerabilities?

No. All known vulnerabilities in Portfolio Toolkit have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Portfolio Toolkit compatible with WordPress 5.4.19?

According to WordPress.org data, Portfolio Toolkit 0.1.8 has been tested up to WordPress 5.4.19. Check the plugin's changelog for the latest compatibility information.

How often is Portfolio Toolkit updated?

Portfolio Toolkit was last updated on Mar 31, 2020. Frequent updates are generally a positive security signal.

What is Portfolio Toolkit's security score?

Portfolio Toolkit has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Portfolio Toolkit Security & Risk Analysis

wordpress.org/plugins/portfolio-toolkit

Adds portfolio functionality to your WordPress website.

600 active installs v0.1.8 PHP + WP 4.1+ Updated Mar 31, 2020

cptportfoliopost-type

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Portfolio Toolkit Safe to Use in 2026?

Generally Safe

Score 85/100

Portfolio Toolkit has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The static analysis of portfolio-toolkit v0.1.8 reveals a strong security posture with no identified vulnerabilities in the examined code. The plugin exhibits excellent adherence to security best practices, including 100% proper output escaping and the use of prepared statements for all SQL queries. The absence of dangerous functions, file operations, and external HTTP requests further strengthens its security profile. Nonce and capability checks are present, indicating a conscious effort to protect against common WordPress exploits. The zero-known CVEs and lack of historical vulnerabilities suggest a well-maintained and secure plugin over time.

While the current version shows no immediate risks based on static analysis and vulnerability history, it's important to note that the attack surface is reported as zero. This could indicate a very small or straightforward plugin, or potentially that certain entry points were not fully covered by the analysis. The taint analysis also reported zero flows, which is positive but should be considered in conjunction with the overall scope of the static analysis. Overall, portfolio-toolkit v0.1.8 appears to be a highly secure plugin, with no current exploitable weaknesses identified through this review.

Vulnerabilities

None known

Portfolio Toolkit Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Portfolio Toolkit Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

11 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped11 total outputs

Attack Surface

Portfolio Toolkit Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 9

actionplugins_loadedincludes\class-portfolio-toolkit.php:139

actioninitincludes\class-portfolio-toolkit.php:154

actioninitincludes\class-portfolio-toolkit.php:155

actionadd_meta_boxesincludes\class-portfolio-toolkit.php:170

actionsave_postincludes\class-portfolio-toolkit.php:171

actionafter_setup_themeincludes\class-portfolio-toolkit.php:186

filtermanage_portfolio_posts_columnsincludes\class-portfolio-toolkit.php:187

actionmanage_portfolio_posts_custom_columnincludes\class-portfolio-toolkit.php:188

actionadmin_enqueue_scriptsincludes\class-portfolio-toolkit.php:189

Maintenance & Trust

Portfolio Toolkit Maintenance & Trust

Maintenance Signals

WordPress version tested5.4.19

Last updatedMar 31, 2020

PHP min version

Downloads19K

Community Trust

Rating100/100

Number of ratings1

Active installs600

Alternatives

Portfolio Toolkit Alternatives

Portfolio Post Type

portfolio-post-type

This plugin registers a custom post type for portfolio items. It also registers separate portfolio taxonomies for tags and categories.

50K No CVEs

Themify Portfolio Post

themify-portfolio-post

Add a simple Portfolio post type to your site.

30K 6 CVEs

Post Types Unlimited

post-types-unlimited

100

Create unlimited custom post types and custom taxonomies.

10K No CVEs

Simple CPT

simple-cpt

100

Simple CPT provides an easy to use interface for registering and managing custom post types and custom taxonomies.

4K No CVEs

Custom post types, Custom Fields & more

custom-post-types

Custom Post Types, Custom Fields, Custom Taxonomies, Custom Templates, Custom Admin Pages, Custom Admin Notices. Directly from the WP dashboard.

3K 3 CVEs

Developer Profile

Portfolio Toolkit Developer Profile

Dmitry Mayorov

2 plugins · 680 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Portfolio Toolkit

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/portfolio-toolkit/admin/css/portfolio-toolkit-admin.css/wp-content/plugins/portfolio-toolkit/public/css/portfolio-toolkit-public.css/wp-content/plugins/portfolio-toolkit/public/js/portfolio-toolkit-public.js

Script Paths

/wp-content/plugins/portfolio-toolkit/admin/js/portfolio-toolkit-admin.js

Version Parameters

portfolio-toolkit-admin.css?ver=portfolio-toolkit-public.css?ver=portfolio-toolkit-public.js?ver=

HTML / DOM Fingerprints

CSS Classes

portfolio-toolkit-thumbnail

Data Attributes

data-portfolio-toolkit-isotope-options

JS Globals

PortfolioToolkitPublic

Shortcode Output

[portfolio_grid[portfolio_categories

FAQ