Does WPMK Portfolio have any unpatched vulnerabilities?

No. All known vulnerabilities in WPMK Portfolio have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WPMK Portfolio compatible with WordPress 5.8.13?

According to WordPress.org data, WPMK Portfolio 1.0.1 has been tested up to WordPress 5.8.13. Check the plugin's changelog for the latest compatibility information.

How often is WPMK Portfolio updated?

WPMK Portfolio was last updated on Oct 26, 2021. Frequent updates are generally a positive security signal.

What is WPMK Portfolio's security score?

WPMK Portfolio has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WPMK Portfolio Security & Risk Analysis

wordpress.org/plugins/wpmk-portfolio

This Plugin will provide you to add portfolio, media gallery into your wordpress website.

0 active installs v1.0.1 PHP + WP 3.3+ Updated Oct 26, 2021

galleryjquerymedia-gallerypictureportfolio

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WPMK Portfolio Safe to Use in 2026?

Generally Safe

Score 85/100

WPMK Portfolio has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The "wpmk-portfolio" plugin version 1.0.1 exhibits a generally good security posture based on the provided static analysis. The absence of any recorded vulnerabilities (CVEs) and the clean taint analysis, with no high-severity issues, are positive indicators. Furthermore, the plugin demonstrates good practices by utilizing prepared statements for all SQL queries, performing nonce checks, and implementing capability checks. The limited attack surface, with only one shortcode and no unprotected entry points, further contributes to its security.

However, a significant concern arises from the output escaping analysis, where only 47% of outputs are properly escaped. This indicates a potential for cross-site scripting (XSS) vulnerabilities, as user-supplied data or data processed by the plugin might not be sufficiently sanitized before being displayed to users. While the taint analysis didn't flag any unsanitized paths, the low percentage of properly escaped output remains a notable weakness that could be exploited.

In conclusion, while the plugin has a strong foundation with no known vulnerabilities and secure handling of SQL and critical entry points, the significant portion of unescaped output presents a tangible risk. The lack of historical vulnerabilities is encouraging, but the identified code signal deficiency in output escaping demands attention to prevent potential XSS attacks.

Key Concerns

Low percentage of properly escaped output

Vulnerabilities

None known

WPMK Portfolio Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

WPMK Portfolio Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

16 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

47% escaped34 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<wpmk-portfolio-save-setting-page> (includes\settings\wpmk-portfolio-save-setting-page.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

WPMK Portfolio Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[wpmk-portfolio] includes\classes\class-portfolio-template-config.php:28

WordPress Hooks 14

actioninitincludes\classes\class-portfolio-base.php:27

actioninitincludes\classes\class-portfolio-post-type.php:27

actioninitincludes\classes\class-portfolio-post-type.php:28

actioninitincludes\classes\class-portfolio-post-type.php:29

actionadd_meta_boxesincludes\classes\class-portfolio-post-type.php:30

actionsave_postincludes\classes\class-portfolio-post-type.php:31

actionadmin_menuincludes\classes\class-portfolio-post-type.php:32

actioninitincludes\classes\class-portfolio-styles-scripts.php:32

actioninitincludes\classes\class-portfolio-styles-scripts.php:36

actioninitincludes\classes\class-portfolio-styles-scripts.php:40

actioninitincludes\classes\class-portfolio-styles-scripts.php:41

actionadmin_enqueue_scriptsincludes\classes\class-portfolio-styles-scripts.php:42

filterplugin_action_linkswpmk-portfolio.php:68

filterplugin_row_metawpmk-portfolio.php:89

Maintenance & Trust

WPMK Portfolio Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13

Last updatedOct 26, 2021

PHP min version

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

WPMK Portfolio Alternatives

Responsive Filterable Portfolio

responsive-filterable-portfolio

This is a beautiful responsive portfolio with responsive lightbox plugin for WordPress blogs and sites. Admin can manage any number of videos, images, …

1K 4 CVEs

T&P Gallery Slider

tp-gallery-slider

T&P Gallery Slider for WordPress is an image hover/click gallery as a WordPress plugin.

50 1 unpatched

Expert Village Media Portfolio

evm-portfolio

This portfolio plugin is highly suitable to showcase your work / portfolio and group them nicely under jQuery powered filters

20 No CVEs

jQuery googleslides

jquery-googleslides

Integrates the googleslides jQuery plugin to display your Google Photos, including Picasa and Google+ albums.

20 No CVEs

Simple Video Directory

simple-media-directory

Wordpress Video Directory plugin to curate topic based media gallery. Curate gorgeous video Directory, Video List, Video Gallery, Video Portfolio etc.

10 2 CVEs

Developer Profile

WPMK Portfolio Developer Profile

WPMK

5 plugins · 100 total installs

trust score

Avg Security Score

81/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WPMK Portfolio

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wpmk-portfolio/assets/css/wpmk-default.css/wp-content/plugins/wpmk-portfolio/assets/css/animate.min.css/wp-content/plugins/wpmk-portfolio/assets/js/wpmk-script.js/wp-content/plugins/wpmk-portfolio/assets/css/wpmk-admin.css/wp-content/plugins/wpmk-portfolio/assets/css/3_col_grid_view.css/wp-content/plugins/wpmk-portfolio/assets/css/4_col_grid_view.css

Script Paths

/wp-content/plugins/wpmk-portfolio/assets/js/wpmk-script.js

Version Parameters

wpmk-script?ver=wpmk-default?ver=animate.min.css?ver=wpmk-admin.css?ver=3_col_grid_view.css?ver=4_col_grid_view.css?ver=

HTML / DOM Fingerprints

HTML Comments

<!-- 
* @package WPMK PORTFOLIO
* 
* Here we define plugin stylesheet and scripts
* that we use for run portfolio
* 
-->

<!-- 
* 
* Here we define plugin action hook
* it will add link in plugin action bar
* 
-->

<!-- 
* 
* Here we define plugin action hook
* it will add link in plugin action bar
* 
-->

<!-- 
* 
* Here portfolio base functions that used
* in setting controls that can not be hendle
* by php classes
* 
-->

+3 more

FAQ