Vulnerabilities and security researches forgallery-portfolio gallery-portfolio

Jun 07, 2024

CVE, Research URL: b0d23653b33dab4e71cb4c3dfc0c27d989ecdee2
Home page URL: Security reports for Portfolio Gallery – Responsive Image Gallery
Application: Portfolio Gallery – Responsive Image Gallery
Date: May 11, 2023
Research Description: Portfolio Gallery – Responsive Image Gallery [gallery-portfolio] < 1.4.6 WordPress Portfolio Gallery – Responsive Image Gallery Plugin <= 1.4.5 is vulnerable to Broken Access Control No patched version is available. No reply from the vendor. Lana Codes discovered and reported this Broken Access Control vulnerability in WordPress Portfolio Gallery – Responsive Image Gallery Plugin. This vulnerability has not been known to be fixed yet.
Affected versions: max 1.4.6.
Status: vulnerable

Jun 10, 2024

CVE, Research URL: CVE-2023-32585
Home page URL: Security reports for Portfolio Gallery – Responsive Image Gallery
Application: Portfolio Gallery – Responsive Image Gallery
Date: Dec 13, 2024
Research Description: Missing Authorization vulnerability in Total-Soft Portfolio Gallery – Responsive Image Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery – Responsive Image Gallery: from n/a through 1.4.6.
Affected versions: max 1.4.6.
Status: vulnerable

Jan 11, 2026

CVE, Research URL: CVE-2025-62098
Home page URL: Security reports for Portfolio Gallery – Responsive Image Gallery
Application: Portfolio Gallery – Responsive Image Gallery
Date: Dec 31, 2025
Research Description: Missing Authorization vulnerability in Totalsoft Portfolio Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery: from n/a through 1.4.8.
Affected versions: max 1.4.8.
Status: vulnerable