WP-Safety

Project Pages – Portfolio Template, Portfolio Maker, Work Context Explorer! Security & Risk Analysis

wordpress.org/plugins/project-pages

Project Pages is an opinionated Portfolio Maker. Project Pages helps you document your project stories, and make better stuff.

50 active installs v2.1 PHP 7.4+ WP 5.0+ Updated Unknown
client-workportfolioportfolio-templateshowcasewordpress-portfolio-plugin
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Project Pages – Portfolio Template, Portfolio Maker, Work Context Explorer! Safe to Use in 2026?

Generally Safe

Score 100/100

Project Pages – Portfolio Template, Portfolio Maker, Work Context Explorer! has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "project-pages" plugin v2.1 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and incorporating a reasonable number of nonce and capability checks. The absence of known CVEs and historical vulnerabilities is also a strong indicator of past diligence. However, there are significant concerns that temper this positive outlook.

The static analysis reveals a notable vulnerability: one AJAX handler lacks authentication checks. This creates an open entry point that could potentially be exploited if an attacker can trigger this handler. While the taint analysis didn't flag critical or high severity flows, the presence of four flows with unsanitized paths is a red flag. This suggests that user-supplied input might not be adequately validated before being processed, potentially leading to unexpected behavior or vulnerabilities, even if not immediately critical.

In conclusion, the plugin has strengths in its database query security and the general use of WordPress security features. Nevertheless, the unauthenticated AJAX endpoint and the unsanitized path flows represent clear security weaknesses that require immediate attention. The historical lack of vulnerabilities is positive but does not negate the current findings. Addressing the unauthenticated AJAX handler and improving input sanitization for the identified taint flows should be the priority.

Key Concerns

  • AJAX handler without auth checks
  • Flows with unsanitized paths
  • Low percentage of properly escaped output
Vulnerabilities
None known

Project Pages – Portfolio Template, Portfolio Maker, Work Context Explorer! Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Project Pages – Portfolio Template, Portfolio Maker, Work Context Explorer! Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
3 prepared
Unescaped Output
235
125 escaped
Nonce Checks
10
Capability Checks
11
File Operations
12
External Requests
1
Bundled Libraries
0

SQL Query Safety

100% prepared3 total queries

Output Escaping

35% escaped360 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

4 flows4 with unsanitized paths
projectPages_AJAX_add_log (includes\ProjectPages.AJAX.php:19)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

Project Pages – Portfolio Template, Portfolio Maker, Work Context Explorer! Attack Surface

Entry Points6
Unprotected1

AJAX Handlers 6

authwp_ajax_projectPagesAddLogincludes\ProjectPages.AJAX.php:42
authwp_ajax_projectPagesUpdateLogincludes\ProjectPages.AJAX.php:75
authwp_ajax_projectPagesDeleteLogincludes\ProjectPages.AJAX.php:103
authwp_ajax_projectPagesHideFeedbackincludes\ProjectPages.AJAX.php:118
authwp_ajax_projectPagesJoinincludes\ProjectPages.AJAX.php:156
authwp_ajax_dismiss_announcement_ppProjectPages.php:1669
WordPress Hooks 34
actionenqueue_block_assetsincludes\ProjectPages.Blocks.php:73
actionafter_setup_themeincludes\ProjectPages.Blocks.php:89
filterblock_categories_allincludes\ProjectPages.Blocks.php:154
filterget_user_option_meta-box-order_projectpageincludes\ProjectPages.MetaBoxes.php:25
actionadd_meta_boxesincludes\ProjectPages.MetaBoxes.php:66
actionadd_meta_boxesincludes\ProjectPages.MetaBoxes.php:80
actionadd_meta_boxesincludes\ProjectPages.MetaBoxes.php:536
filtersave_postincludes\ProjectPages.MetaBoxes.php:537
actionadd_meta_boxesincludes\ProjectPages.MetaBoxes.php:799
filtersave_postincludes\ProjectPages.MetaBoxes.php:800
actionadd_meta_boxesincludes\ProjectPages.MetaBoxes.php:873
filtersave_postincludes\ProjectPages.MetaBoxes.php:874
actionadd_meta_boxesincludes\ProjectPages.MetaBoxes.php:946
filtersave_postincludes\ProjectPages.MetaBoxes.php:947
actionadd_meta_boxesincludes\ProjectPages.MetaBoxes.php:1252
actionwp_headincludes\ProjectPages.OGMeta.php:19
actionproject_pages_pre_settings_hookincludes\ProjectPages.Pre.Init.php:145
actioninitProjectPages.php:29
actionadmin_menuProjectPages.php:30
actionadmin_noticesProjectPages.php:113
actionwp_loadedProjectPages.php:287
actionadmin_noticesProjectPages.php:336
actionadmin_noticesProjectPages.php:343
actionwp_loadedProjectPages.php:370
actionactivated_pluginProjectPages.php:395
actionadmin_headProjectPages.php:437
actionwp_enqueue_scriptsProjectPages.php:496
filterscript_loader_tagProjectPages.php:509
filtersingle_templateProjectPages.php:772
filterarchive_templateProjectPages.php:830
filtertaxonomy_templateProjectPages.php:887
filterpost_updated_messagesProjectPages.php:1025
actionswitch_themeProjectPages.php:1597
actionadmin_enqueue_scriptsProjectPages.php:1668
Maintenance & Trust

Project Pages – Portfolio Template, Portfolio Maker, Work Context Explorer! Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedUnknown
PHP min version7.4
Downloads5K

Community Trust

Rating100/100
Number of ratings4
Active installs50
Alternatives

Project Pages – Portfolio Template, Portfolio Maker, Work Context Explorer! Alternatives

Portfolio Designer – WordPress Portfolio Plugin (Image/Video/Slider Gallery)

Portfolio Designer – WordPress Portfolio Plugin (Image/Video/Slider Gallery)

portfolio-designer-lite

A
92

Portfolio Designer Lite plugin allows you to create, manage, edit and design portfolio and showcase with few clicks.

100 No CVEs
Themify Portfolio Post

Themify Portfolio Post

themify-portfolio-post

A
95

Add a simple Portfolio post type to your site.

30K 6 CVEs
Radius Portfolio – Filterable Grid, Gallery & Slider Portfolio

Radius Portfolio – Filterable Grid, Gallery & Slider Portfolio

tlp-portfolio

A
99

A simple and powerful WordPress portfolio plugin to showcase your creative work beautifully with different ways.

8K 2 CVEs
Filterable Portfolio

Filterable Portfolio

filterable-portfolio

A
100

A WordPress Portfolio plugin to display portfolio/project images to your site.

1K No CVEs
Advance Portfolio Grid, Slider and Gallery – Showcase Projects, Images and Videos

Advance Portfolio Grid, Slider and Gallery – Showcase Projects, Images and Videos

advance-portfolio-grid

A
99

Create responsive and customizable portfolio grids to showcase projects, case studies, and creative work on your WordPress site.

900 1 CVE
Developer Profile

Project Pages – Portfolio Template, Portfolio Maker, Work Context Explorer! Developer Profile

woodyhayday

1 plugin · 50 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Project Pages – Portfolio Template, Portfolio Maker, Work Context Explorer!

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/project-pages/assets/css/project-pages-admin.css/wp-content/plugins/project-pages/assets/css/project-pages.css/wp-content/plugins/project-pages/assets/js/project-pages-admin.js/wp-content/plugins/project-pages/assets/js/project-pages.js
Generator Patterns
Project Pages
Script Paths
/wp-content/plugins/project-pages/assets/js/project-pages.js/wp-content/plugins/project-pages/assets/js/project-pages-admin.js
Version Parameters
project-pages/assets/css/project-pages.css?ver=project-pages/assets/css/project-pages-admin.css?ver=project-pages/assets/js/project-pages.js?ver=project-pages/assets/js/project-pages-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
project-pages-admin-wrapper
HTML Comments
Project Pages is the simplest way to share your projects beautifully.Project Pages Requires PHP Version 5.4 or above, please ask web hosting provider to update your PHP!
Data Attributes
data-projectpages_shortcode
JS Globals
projectPages_urlsprojectPages_slugsprojectPages_SettingsprojectPages_Conf_Setup
Shortcode Output
[project_pages_list][project_pages_single]
FAQ

Frequently Asked Questions about Project Pages – Portfolio Template, Portfolio Maker, Work Context Explorer!