CVE-2023-32585 – WordPress Portfolio Gallery – Responsive Image Gallery plugin <= 1.4.6 - Broken Access Control vulnerability

https://notcve.org/view.php?id=CVE-2023-32585

11 May 2023 — Missing Authorization vulnerability in Total-Soft Portfolio Gallery – Responsive Image Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery – Responsive Image Gallery: from n/a through 1.4.6. The Portfolio Gallery – Responsive Image Gallery plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the TotalSoftPortfolio_Del_Callback() function called via an AJAX action in versions up t... • https://patchstack.com/database/wordpress/plugin/gallery-portfolio/vulnerability/wordpress-portfolio-gallery-responsive-image-gallery-plugin-1-4-5-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •