Smartypants Document Manager: Unrestricted Access to Confidential Files

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.5

Smartypants Document Manager: Unrestricted Access to Confidential Files

CVE-2024-31118

Summary

An issue in Smartypants Document Manager allows unauthorized access to sensitive files if access control is not properly set up. This means that someone with the wrong settings could view or edit documents they shouldn't be able to. Update to the latest version of the software to fix this issue.

Original title

Missing Authorization vulnerability in Smartypants SP Project & Document Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SP Project & Document Man...

Original description

nvd CVSS3.1 6.5

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/wordpress/plugin/sp-client-document-manager/vuln...

Published: 17 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026