Gallery Portfolio
by WordPress
Source repositories
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-1000124 | Cri | 0.67 | 9.8 | 0.03 | Oct 6, 2016 | Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6 | ||
| CVE-2023-32585 | Hig | 0.49 | 7.5 | 0.01 | Dec 13, 2024 | Missing Authorization vulnerability in Total-Soft Portfolio Gallery – Responsive Image Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery – Responsive Image Gallery: from n/a through 1.4.6. | ||
| CVE-2016-1000116 | Hig | 0.47 | 7.2 | 0.02 | Oct 21, 2016 | Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS | ||
| CVE-2016-1000115 | Hig | 0.47 | 7.2 | 0.03 | Oct 21, 2016 | Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS | ||
| CVE-2024-29769 | Med | 0.42 | 6.5 | 0.00 | Mar 27, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Portfolio Gallery – Image Gallery Plugin allows Stored XSS.This issue affects Portfolio Gallery – Image Gallery Plugin: from n/a through 1.5.6. | ||
| CVE-2025-62098 | Med | 0.35 | 5.4 | 0.00 | Dec 31, 2025 | Missing Authorization vulnerability in totalsoft Portfolio Gallery gallery-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery: from n/a through <= 1.4.8. | ||
| CVE-2024-13231 | Med | 0.34 | 5.3 | 0.00 | Feb 19, 2025 | The WordPress Portfolio Builder – Portfolio Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'add_video' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated… | ||
| CVE-2014-125101 | Med | 0.34 | 6.3 | 0.01 | May 28, 2023 | A vulnerability classified as critical has been found in Portfolio Gallery Plugin up to 1.1.8 on WordPress. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.9 is able to address this… |
- risk 0.67cvss 9.8epss 0.03
Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6
- risk 0.49cvss 7.5epss 0.01
Missing Authorization vulnerability in Total-Soft Portfolio Gallery – Responsive Image Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery – Responsive Image Gallery: from n/a through 1.4.6.
- risk 0.47cvss 7.2epss 0.02
Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS
- risk 0.47cvss 7.2epss 0.03
Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Portfolio Gallery – Image Gallery Plugin allows Stored XSS.This issue affects Portfolio Gallery – Image Gallery Plugin: from n/a through 1.5.6.
- risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in totalsoft Portfolio Gallery gallery-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery: from n/a through <= 1.4.8.
- risk 0.34cvss 5.3epss 0.00
The WordPress Portfolio Builder – Portfolio Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'add_video' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated…
- risk 0.34cvss 6.3epss 0.01
A vulnerability classified as critical has been found in Portfolio Gallery Plugin up to 1.1.8 on WordPress. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.9 is able to address this…