Cross-site Scripting Vulnerability in Behance Portfolio Manager by eleopard
CVE-2025-57913
6.5MEDIUM
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 22 September 2025
What is CVE-2025-57913?
A Cross-site Scripting (XSS) vulnerability exists in the Behance Portfolio Manager developed by eleopard, affecting versions up to 1.7.4. This critical flaw allows attackers to inject malicious scripts into web pages, leading to stored XSS attacks. Such vulnerabilities can compromise user data and session information, making it imperative for users to update their software to mitigate potential exploits. Proper sanitization of input during web page generation is necessary to prevent this issue.
Affected Version(s)
Behance Portfolio Manager <= 1.7.4