HIGH 7.5

CVE-2026-42677: WP Document Revisions Missing Authorization – Confidentiality Impact

A missing authorization flaw in WP Document Revisions allows unauthenticated attackers to access sensitive documents by exploiting improperly configured security levels. The vulnerability affects how the plugin enforces access control rules, enabling unauthorized users to view confidential information stored within the WordPress environment.

Source data · NVD / CISA · public domain

CVSS
3.1 · 7.5 HIGH · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Weaknesses (CWE)
CWE-862
Affected products
0 configuration(s)
Published / Modified
2026-06-01 / 2026-06-17

NVD description (verbatim)

Missing Authorization vulnerability in Ben Balter WP Document Revisions allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Document Revisions: from n/a before 4.0.0.

1 reference(s) · View on NVD →

SEC.co analysis · AI-assisted, reviewed against source

Technical summary

CVE-2026-42677 is a missing authorization vulnerability (CWE-862) in the WP Document Revisions plugin. The plugin fails to properly validate user permissions before granting access to documents, allowing attackers to bypass intended access control mechanisms. The flaw arises from incorrectly configured security levels that do not adequately enforce authorization checks, enabling unauthenticated network access to confidential document data without requiring authentication or user interaction.

Business impact

This vulnerability exposes a significant confidentiality risk for organizations using WP Document Revisions for internal collaboration and document storage. Attackers can retrieve sensitive business documents, intellectual property, financial records, or other confidential materials stored within affected WordPress instances without legitimate access rights. This exposure could lead to competitive harm, regulatory violations, breach notifications, and loss of stakeholder trust, particularly for enterprises in regulated industries managing privileged information.

Affected systems

WP Document Revisions versions prior to 4.0.0 are affected. The plugin is typically deployed on WordPress sites used for collaborative document management. Any WordPress installation with WP Document Revisions enabled and inadequately secured access control settings is at risk, regardless of infrastructure (hosted or self-managed WordPress environments).

Exploitability

The vulnerability is readily exploitable. It requires no authentication, no special privileges, and no user interaction—attackers can exploit it directly over the network. The attack complexity is low, meaning no special conditions or race conditions are required. This combination of network accessibility and low complexity significantly elevates the practical risk of exploitation in production environments.

Remediation

Organizations must update WP Document Revisions to version 4.0.0 or later, which addresses the missing authorization vulnerability. Prior to patching, apply compensating controls: verify document access settings within WP Document Revisions are explicitly configured to restrict visibility to authorized users only, disable the plugin if document sharing is not required, and implement additional WordPress-level access restrictions or Web Application Firewall rules to limit exposure during the remediation window.

Patch guidance

Upgrade WP Document Revisions to version 4.0.0 or a later release as soon as feasible. Verify the patch installation by confirming the version number within the WordPress plugin management interface. Test document access behavior post-upgrade to ensure authorization checks are functioning correctly and documents remain visible only to intended users. Review any custom access control configurations to ensure they align with the updated authorization model.

Detection guidance

Monitor WordPress access logs and WP Document Revisions activity logs for unauthorized document access attempts or unusual download patterns from unauthenticated sources. Look for HTTP requests to document endpoints (typically wp-json or internal document retrieval URLs) from IP addresses or user agents not matching known internal patterns. Audit existing document permissions settings to identify any documents unintentionally marked as publicly accessible. Enable WordPress security plugins configured to detect access control anomalies or unauthorized data retrieval.

Why prioritize this

This vulnerability merits immediate attention due to its high CVSS score (7.5), network accessibility, lack of authentication requirements, and direct impact on confidential data confidentiality. The missing authorization flaw represents a straightforward path to unauthorized information disclosure. Organizations relying on WP Document Revisions for sensitive document collaboration should prioritize patching to prevent active exploitation and data exposure.

Risk score, explained

The CVSS v3.1 score of 7.5 (HIGH) reflects a vulnerability with network attack vector, low attack complexity, no privilege or user interaction requirements, and high confidentiality impact. The absence of integrity or availability impact moderates the score slightly; however, the ease of exploitation and confidentiality exposure justify the HIGH severity classification.

Frequently asked questions

Does this vulnerability allow attackers to modify or delete documents?

No. This vulnerability specifically impacts confidentiality—it enables unauthorized reading of documents. Attackers cannot modify, delete, or corrupt documents through this flaw. However, the disclosure of sensitive information is itself a serious breach.

Do I need to authenticate to WordPress to exploit this vulnerability?

No. The vulnerability allows unauthenticated network access to documents. An attacker does not need a WordPress user account or login credentials; they can exploit the flaw directly from an external network connection.

What should I do if I cannot patch immediately?

Ensure WP Document Revisions access control settings are explicitly configured to restrict document visibility to authorized users only. Consider disabling the plugin temporarily if document sharing is not essential. Implement additional security controls such as IP whitelisting, Web Application Firewall rules, or reverse proxy authentication to limit access to the WordPress admin and document retrieval endpoints.

Is this vulnerability being actively exploited?

The vulnerability is not currently listed on the CISA Known Exploited Vulnerabilities (KEV) catalog, indicating no confirmed active exploitation at the time of publication. However, the low barrier to exploitation means this status could change; prioritize patching as part of routine security maintenance.

This analysis is provided for informational purposes to support security decision-making. The vulnerability details, affected versions, and patch information are based on available CVE data and vendor disclosures. Organizations must verify patch availability and compatibility with their specific WordPress environments before deployment. Verify CVSS scores, patch version numbers, and specific product configurations against the original vendor advisories. This advisory does not constitute legal advice or guarantee of security; implement controls according to your organization's risk tolerance and regulatory requirements. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).