{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-67985", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2025-12-15T10:00:33.670Z", "datePublished": "2025-12-16T08:12:58.770Z", "dateUpdated": "2026-04-28T16:14:25.282Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "document-library-lite", "product": "Document Library Lite", "vendor": "Barn2 Plugins", "versions": [{"changes": [{"at": "1.2.0", "status": "unaffected"}], "lessThanOrEqual": "1.1.7", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Dr. M Fahad Khan | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-22T14:23:49.863Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Authorization Bypass Through User-Controlled Key vulnerability in Barn2 Plugins Document Library Lite document-library-lite allows Exploiting Incorrectly Configured Access Control Security Levels.<p>This issue affects Document Library Lite: from n/a through <= 1.1.7.</p>"}], "value": "Authorization Bypass Through User-Controlled Key vulnerability in Barn2 Plugins Document Library Lite document-library-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Document Library Lite: from n/a through <= 1.1.7."}], "impacts": [{"capecId": "CAPEC-180", "descriptions": [{"lang": "en", "value": "Exploiting Incorrectly Configured Access Control Security Levels"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-639", "description": "Authorization Bypass Through User-Controlled Key", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:25.282Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/document-library-lite/vulnerability/wordpress-document-library-lite-plugin-1-1-7-insecure-direct-object-references-idor-vulnerability?_s_id=cve"}], "title": "WordPress Document Library Lite plugin <= 1.1.7 - Insecure Direct Object References (IDOR) vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-18T15:26:25.604342Z", "id": "CVE-2025-67985", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-27T18:09:51.513Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-67985", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-18T15:26:25.604342Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-18T15:26:16.077Z"}}], "cna": {"title": "WordPress Document Library Lite plugin <= 1.1.7 - Insecure Direct Object References (IDOR) vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Dr. M Fahad Khan | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-180", "descriptions": [{"lang": "en", "value": "Exploiting Incorrectly Configured Access Control Security Levels"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Barn2 Plugins", "product": "Document Library Lite", "versions": [{"status": "affected", "changes": [{"at": "1.2.0", "status": "unaffected"}], "version": "0", "versionType": "custom", "lessThanOrEqual": "1.1.7"}], "packageName": "document-library-lite", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-04-22T14:23:49.863Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/document-library-lite/vulnerability/wordpress-document-library-lite-plugin-1-1-7-insecure-direct-object-references-idor-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Authorization Bypass Through User-Controlled Key vulnerability in Barn2 Plugins Document Library Lite document-library-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Document Library Lite: from n/a through <= 1.1.7.", "supportingMedia": [{"type": "text/html", "value": "Authorization Bypass Through User-Controlled Key vulnerability in Barn2 Plugins Document Library Lite document-library-lite allows Exploiting Incorrectly Configured Access Control Security Levels.<p>This issue affects Document Library Lite: from n/a through <= 1.1.7.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-639", "description": "Authorization Bypass Through User-Controlled Key"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-23T14:13:55.366Z"}}}, "cveMetadata": {"cveId": "CVE-2025-67985", "state": "PUBLISHED", "dateUpdated": "2026-04-27T18:09:51.513Z", "dateReserved": "2025-12-15T10:00:33.670Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2025-12-16T08:12:58.770Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Authorization Bypass Through User-Controlled Key vulnerability in Barn2 Plugins Document Library Lite document-library-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Document Library Lite: from n/a through <= 1.1.7."}], "id": "CVE-2025-67985", "lastModified": "2026-04-27T18:16:52.523", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "audit@patchstack.com", "type": "Secondary"}]}, "published": "2025-12-16T09:16:00.373", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/document-library-lite/vulnerability/wordpress-document-library-lite-plugin-1-1-7-insecure-direct-object-references-idor-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-639"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-27T22:25:33.272152+00:00", "value": {"mitigation_remediation": ["Upgrade Document Library Lite to a version that contains the IDOR fix (currently >=1.1.8).", "If an immediate update is not feasible, configure the plugin to make all document files private and restrict download permissions to users with appropriate roles such as Administrator or Author.", "As a temporary protective measure, implement server\u2011side access checks (for example, using .htaccess or a front\u2011controller) to validate the user role before serving document files, thereby blocking direct URL access."], "summary": {"action": "Apply Patch", "impact": "Unauthorized Access to Protected Documents"}, "threat_synthesis": {"affected_systems": "WordPress sites that use the Barn2 Plugins Document Library Lite plugin. All installations running version 1.1.7 or earlier are affected, while newer releases are not listed as vulnerable.", "description_and_impact": "The vulnerability is an Insecure Direct Object Reference that allows an attacker to bypass authorization checks by supplying a user\u2011controlled key. This results in unauthorized access to documents stored by the Barn2 Plugins Document Library Lite plugin, effectively granting an attacker the ability to read or download sensitive files that should otherwise be restricted. The weakness is classified as CWE\u2011639, indicating a flaw in access control logic.", "risk_and_exploitability": "The CVSS score of 5.3 places the vulnerability in the moderate severity range. The EPSS score of less than 1% indicates a low probability of exploitation, and the vulnerability is not listed in the CISA KEV catalog. Based on the description, it is inferred that an attacker can construct a URL containing a valid or guessed resource key to directly retrieve a protected document without needing to authenticate."}}}}, "created": "2025-12-16T17:09:15.792190+00:00", "updated": "2026-04-27T22:30:14.455775+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}