Vulnerabilities in dokaninc

4 results

CVE-2020-36748MEDIUMDokan <= 3.0.8 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2025-14977HIGHDokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy <= 4.2.4 - Insecure Direct Object Reference to PayPal Account Takeover and Sensitive Information DisclosureEPSS 0.3%CVE-2026-3504MEDIUMDokan: AI Powered WooCommerce Multivendor Marketplace Solution <= 4.3.1 - Unauthenticated Information Disclosure in Store Reviews REST API EndpointEPSS 0.3%CVE-2026-10023MEDIUMDokan: AI Powered WooCommerce Multivendor Marketplace Solution <= 5.0.3 - Insecure Direct Object Reference to Authenticated (Custom+) Arbitrary Order Modification via Multiple AJAX HandlersEPSS 0.3%