136 matches found
Dokan Pro <= 3.10.3 - SQL Injection
The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. id: CVE-2024-3922 info: name: Dokan Pro...
CVE-2026-3504
The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.1 via the '/dokan/v1/stores/id/reviews' REST API endpoint. This is due to the 'preparereviewsforresponse' method...
CVE-2026-3504
The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.1 via the '/dokan/v1/stores/id/reviews' REST API endpoint. This is due to the 'preparereviewsforresponse' method...
EUVD-2026-26790
The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.1 via the '/dokan/v1/stores/id/reviews' REST API endpoint. This is due to the 'preparereviewsforresponse' method...
CVE-2026-3504 Dokan: AI Powered WooCommerce Multivendor Marketplace Solution <= 4.3.1 - Unauthenticated Information Disclosure in Store Reviews REST API Endpoint
The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.1 via the '/dokan/v1/stores/id/reviews' REST API endpoint. This is due to the 'preparereviewsforresponse' method...
CVE-2026-3504 Dokan: AI Powered WooCommerce Multivendor Marketplace Solution <= 4.3.1 - Unauthenticated Information Disclosure in Store Reviews REST API Endpoint
The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.1 via the '/dokan/v1/stores/id/reviews' REST API endpoint. This is due to the 'preparereviewsforresponse' method...
CVE-2026-3504
The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.1 via the '/dokan/v1/stores/id/reviews' REST API endpoint. This is due to the 'preparereviewsforresponse' method...
CVE-2026-3504
The CVE-2026-3504 entry concerns the Dokan: AI Powered WooCommerce Multivendor Marketplace Solution for WordPress. Affects all versions up to 4.3.1 via the REST endpoint /dokan/v1/stores/{id}/reviews. The root cause is that prepare_reviews_for_response includes reviewer email addresses, usernames...
PT-2026-36618
The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.1 via the '/dokan/v1/stores/id/reviews' REST API endpoint. This is due to the 'prepare reviews for response' method...
WordPress plugin Dokan: AI Powered WooCommerce Multivendor Marketplace Solution 信息泄露漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
WordPress Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin <= 4.3.1 - Unauthenticated Information Disclosure in Store Reviews REST API Endpoint vulnerability
Unauthenticated Information Disclosure in Store Reviews REST API Endpoint vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Dokan versions = 4.3.1...
CVE-2026-24359
Authentication Bypass Using an Alternate Path or Channel vulnerability in Dokan, Inc. Dokan dokan-lite allows Authentication Abuse.This issue affects Dokan: from n/a through = 4.2.4...
EUVD-2026-15555
Authentication Bypass Using an Alternate Path or Channel vulnerability in Dokan, Inc. Dokan dokan-lite allows Authentication Abuse.This issue affects Dokan: from n/a through = 4.2.4...
CVE-2026-24359
Authentication Bypass Using an Alternate Path or Channel vulnerability in Dokan, Inc. Dokan dokan-lite allows Authentication Abuse.This issue affects Dokan: from n/a through = 4.2.4...
CVE-2026-24359 WordPress Dokan plugin <= 4.2.4 - Broken Authentication vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in Dokan, Inc. Dokan dokan-lite allows Authentication Abuse.This issue affects Dokan: from n/a through = 4.2.4...
CVE-2026-24359 WordPress Dokan plugin <= 4.2.4 - Broken Authentication vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in Dokan, Inc. Dokan dokan-lite allows Authentication Abuse.This issue affects Dokan: from n/a through = 4.2.4...
CVE-2026-24359
CVE-2026-24359 describes an authentication bypass in Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Dokan Lite, affected up to version 4.2.4. The entry specifies an Authentication Bypass via an alternate path/channel allowing authentication abuse, with CVSS v3.1 base score 8.8 (...
WordPress plugin Dokan 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
PT-2026-27848
Name of the Vulnerable Software and Affected Versions Dokan versions through 4.2.4 Description An authentication bypass issue exists in Dokan, specifically in the dokan-lite component. This allows for authentication abuse by utilizing an alternate path or channel. Recommendations Update Dokan to ...
WordPress Dokan plugin <= 4.2.4 - Broken Authentication vulnerability
Broken Authentication vulnerability discovered by daroo in WordPress Plugin Dokan versions = 4.2.4...