WordPress Dokan plugin <= 5.0.2 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Dokan versions = 5.0.2...

CVE-2026-24359 WordPress Dokan plugin <= 4.2.4 - Broken Authentication vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in Dokan, Inc. Dokan dokan-lite allows Authentication Abuse.This issue affects Dokan: from n/a through = 4.2.4...

CVE-2026-24359

CVE-2026-24359 describes an authentication bypass in Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Dokan Lite, affected up to version 4.2.4. The entry specifies an Authentication Bypass via an alternate path/channel allowing authentication abuse, with CVSS v3.1 base score 8.8 (...

WordPress Dokan plugin <= 4.2.4 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by daroo in WordPress Plugin Dokan versions = 4.2.4...

CVE-2025-53425

CVE-2025-53425 concerns an incorrect privilege assignment in the WordPress Dokan plugin (dokan-lite). Affected versions are cited as

CVE-2025-53425 WordPress Dokan plugin <= 4.1.3 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Dokan, Inc. Dokan dokan-lite allows Privilege Escalation.This issue affects Dokan: from n/a through = 4.1.3...

WordPress Dokan Plugin <= 3.7.19 is vulnerable to PHP Object Injection

Software Dokan Type Plugin Vulnerable versions = 3.7.19 Fixed in 3.7.20 OWASP Top 10 A8: Insecure Deserialization Classification PHP Object Injection CVE CVE-2023-34382 Patch priority Medium CVSS severity Medium 4.4 Developer Claim ownership PSID e06401ebc804 Credits Theodoros Malachias Required...