Does M4WP Portfolio have any unpatched vulnerabilities?

No. All known vulnerabilities in M4WP Portfolio have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is M4WP Portfolio compatible with WordPress 4.5.33?

According to WordPress.org data, M4WP Portfolio 1.0.2 has been tested up to WordPress 4.5.33. Check the plugin's changelog for the latest compatibility information.

How often is M4WP Portfolio updated?

M4WP Portfolio was last updated on Apr 13, 2016. Frequent updates are generally a positive security signal.

What is M4WP Portfolio's security score?

M4WP Portfolio has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

M4WP Portfolio Security & Risk Analysis

wordpress.org/plugins/m4wp-portfolio

A Made4WP plugin. This plugin adds the custom post type "Portfolio" and it's related features such as taxonomies or meta boxes.

300 active installs v1.0.2 PHP + WP 4.3.0+ Updated Apr 13, 2016

custom-post-typeportfoliopost-type

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is M4WP Portfolio Safe to Use in 2026?

Generally Safe

Score 85/100

M4WP Portfolio has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago

Risk Assessment

Based on the provided static analysis and vulnerability history, the m4wp-portfolio plugin version 1.0.2 exhibits a strong security posture. The code analysis reveals no dangerous functions, file operations, external HTTP requests, or SQL queries that are not using prepared statements. Furthermore, all identified output operations are properly escaped. The presence of both nonce and capability checks indicates good practice in securing entry points.

Taint analysis shows no identified flows, suggesting that user-supplied data is not being mishandled in a way that could lead to vulnerabilities like arbitrary code execution or path traversal. The plugin's vulnerability history is also clear, with no known CVEs recorded, which is a positive indicator of its current security state.

Overall, this plugin appears to be well-developed from a security perspective. The lack of any concerning signals in the static analysis and the clean vulnerability history suggest a low-risk profile. The total absence of unprotected entry points is particularly commendable, demonstrating a thoughtful approach to securing the plugin's functionality.

Vulnerabilities

None known

M4WP Portfolio Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

M4WP Portfolio Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped4 total outputs

Attack Surface

M4WP Portfolio Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 9

actionplugins_loadedincludes\class-m4wp-portfolio.php:138

actionadmin_enqueue_scriptsincludes\class-m4wp-portfolio.php:151

actionadmin_enqueue_scriptsincludes\class-m4wp-portfolio.php:152

actioninitincludes\class-m4wp-portfolio.php:155

filterpost_updated_messagesincludes\class-m4wp-portfolio.php:156

actionadd_meta_boxesincludes\class-m4wp-portfolio.php:157

actionsave_postincludes\class-m4wp-portfolio.php:158

actionwp_enqueue_scriptsincludes\class-m4wp-portfolio.php:172

actionwp_enqueue_scriptsincludes\class-m4wp-portfolio.php:173

Maintenance & Trust

M4WP Portfolio Maintenance & Trust

Maintenance Signals

WordPress version tested4.5.33

Last updatedApr 13, 2016

PHP min version

Downloads15K

Community Trust

Rating0/100

Number of ratings0

Active installs300

Alternatives

M4WP Portfolio Alternatives

Zilla Portfolio

zillaportfolio

A complete portfolio plugin for creative folks

400 No CVEs

Portfolio CPT

portfolio-cpt

Enables a 'Portfolio' type and 'Portfolio Tags' taxonomy.

300 No CVEs

Portfolio Gallery With Filters / SILICONFOLIO

siliconfolio

Powerful plugin that allows you to create amazing and responsive portfolios.

100 No CVEs

Junkie Portfolio

theme-junkie-portfolio-content

Adds a Portfolio section to your WordPress website.

100 No CVEs

Ruven Themes: Portfolio

ruven-themes-portfolio

RT Portfolio enables a "Portfolio" post type and "Type" taxonomy.

20 No CVEs

Developer Profile

M4WP Portfolio Developer Profile

Bobby Gunawan

1 plugin · 300 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect M4WP Portfolio

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/m4wp-portfolio/admin/css/m4wp-portfolio-admin.css/wp-content/plugins/m4wp-portfolio/admin/js/m4wp-portfolio-admin.js

Script Paths

/wp-content/plugins/m4wp-portfolio/admin/js/m4wp-portfolio-admin.js

Version Parameters

m4wp-portfolio/admin/css/m4wp-portfolio-admin.css?ver=m4wp-portfolio/admin/js/m4wp-portfolio-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

m4wp_portfolio_item_details_meta_box

Data Attributes

name="m4wp_portfolio_item_details_client"id="m4wp_portfolio_item_details_client"name="m4wp_portfolio_item_details_meta_box_nonce"

FAQ