Missing Authorization Vulnerability in WP Document Revisions by Ben Balter
CVE-2025-68585

2.7LOW

Key Information:

Vendor: WordPress
Status: WP Document Revisions
Vendor: CVE Published:; 24 December 2025

What is CVE-2025-68585?

A missing authorization vulnerability has been identified in the WP Document Revisions plugin developed by Ben Balter. This flaw allows attackers to exploit incorrectly configured access control settings, potentially leading to unauthorized access to sensitive documents. The issue affects versions of WP Document Revisions up to and including 3.7.2. Users are urged to review their access configurations and apply any available updates to ensure robust security and protect against unauthorized access.

Affected Version(s)

WP Document Revisions 0 <= 3.7.2

References

https://patchstack.com/database/Wordpress/Plugin/wp-docum...

vdb-entry

CVSS V3.1

Score:

2.7

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 24, 2025
Vulnerability Reserved
Dec 19, 2025

Credit

Nabil Irawan | Patchstack Bug Bounty Program

CVE-2025-68585 Data

JSON

WordPress

What is CVE-2025-68585?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit