Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy

Vulnerabilities 14Slug dokan-liteLatest version 5.0.1WordPress.org →

Minimum safe version

4.3.2

Update to 4.3.2 or later to address 14 fixable vulnerabilities

Latest available5.0.1 ✓

Medium 5.3

2026-05-02< 4.3.2

CVE-2026-3504

CVE EUVD Wordfence

High 8.8

2026-03-25< 4.2.5

CVE-2026-24359

CVE Wordfence

High 8.1

2026-01-20< 4.2.5

CVE-2025-14977

CVE Wordfence

High 7.2

2025-10-22< 4.1.4

CVE-2025-53425

CVE Wordfence

Medium 4.3

2023-07-01< 3.0.9

CVE-2020-36748

CVE Wordfence WPScan

Medium 4.4

2023-12-19< 3.7.20

CVE-2023-34382

CVE Patchstack

N/A

2023-06-07< 3.7.20

Dokan <=3.7.19 - Authenticated(Shop Manager+) PHP Object Injection via create_dummy_vendor

Wordfence

N/A

2023-06-07< 3.2.1

CVE-2021-4342

CVE

High 7.1

2023-12-20< 3.7.13

CVE-2023-26525

CVE Wordfence Patchstack

N/A

< 3.2.1

Various Affected Software (Various Versions) - Cross-Site Request Forgery Bypass

Wordfence

Medium 5.4

2024-01-16< 3.6.6

CVE-2022-3194

CVE Wordfence Wordfence WPScan

Critical 9.8

2022-12-12< 3.7.6

CVE-2022-3915

CVE Wordfence WPScan

N/A

2020-09-16< 3.0.9

WordPress Dokan plugin <= 3.0.8 - Cross-Site Request Forgery (CSRF) vulnerability

Patchstack

N/A

2021-03-01< 3.2.1

WordPress Dokan plugin <= 3.2.0 - Cross-Site Request Forgery (CSRF) vulnerability

Patchstack