CVE-2026-42677

HIGH

WordPress WP Document Revisions plugin <= 3.8.1 - Broken Access Control vulnerability

Title source: cna

Description

Missing Authorization vulnerability in Ben Balter WP Document Revisions allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Document Revisions: from n/a before 4.0.0.

References (1)

Core 1

Core References

Vdb Entry vdb-entry

https://patchstack.com/database/wordpress/plugin/wp-document-revisions/vulnerability/wordpress-wp-document-revisions-plugin-3-8-1-broken-access-control-vulnerability?_s_id=cve

Scores

CVSS v3 7.5

EPSS 0.0023

EPSS Percentile 13.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-862

Status published

Products (1)

Ben Balter/WP Document Revisions < 4.0.0

Published Jun 01, 2026

Tracked Since Jun 01, 2026