Dokan < 3.7.6 - Unauthenticated SQLi
Description
Dokan plugin before 3.7.6 suffers from an unauthenticated SQL injection vulnerability due to improper sanitization and escaping of a parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The Dokan WordPress plugin in versions before 3.7.6 fails to properly sanitize and escape a request parameter before using it in a SQL statement, which the WPScan advisory reports as an unauthenticated SQL injection [1]. The advisory does not name the parameter or the code path, only that it is reachable without authentication or any special privilege. Note that WordPress input "sanitization" helpers such as sanitize_text_field() strip tags and control characters but do not neutralize SQL metacharacters; a value is only safe in a query when it is bound through $wpdb->prepare() or escaped for the exact SQL context in which it is used.
Exploitation
An unauthenticated attacker exploits the flaw by sending a crafted HTTP request in which the unsanitized parameter carries a SQL payload. No prior authentication and no user interaction are required, so the flaw is exploitable remotely over the network by anyone who can reach the site [1].
Impact
Successful exploitation lets the attacker alter the structure of the database query and inject arbitrary SQL into it. The practical outcome depends on the statement the parameter lands in: in a SELECT, which is the typical case for WordPress plugin queries, the attacker can extract data from any table the WordPress database user can read (UNION-based or blind, including password hashes from wp_users); modification or deletion of records requires the injection point to sit in a writing statement, since $wpdb sends a single statement per call and stacked queries are not executed. Either outcome can lead to further compromise of the site, for example by cracking or reusing extracted administrator credentials [1].
Mitigation
The vulnerability is fixed in Dokan version 3.7.6, released on 2022-11-21 [1]. Users should update to 3.7.6 or later immediately; because the endpoint needs no authentication, a site running an older version is exposed to every visitor. No workarounds are documented in the advisory, and a web application firewall rule can at best reduce exposure until the update is applied. The vulnerability is not currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
Patches (2)
1dbec0251d8cc
Vulnerability mechanics
Root cause
"The plugin does not properly sanitize and escape a parameter before using it in a SQL statement."
Attack vector
An unauthenticated user can exploit this vulnerability by sending a crafted request to the affected plugin. The request carries a parameter that is used in a SQL query without proper sanitization or escaping, so an attacker can inject SQL code of their own and read or, depending on the statement, modify data. The vulnerability is classified as SQL injection (CWE-89) [1].
Affected code
The vulnerability exists in the Dokan WordPress plugin due to improper sanitization and escaping of a parameter used in SQL statements. The specific code paths involved are not detailed in the provided patch or references, but the fix is applied in version 3.7.6.
What the fix does
The patch addresses the SQL injection by properly sanitizing and escaping the parameter before it reaches the SQL statement, so that attacker-supplied input is treated as literal data rather than as part of the query. The fix is included in version 3.7.6 of the Dokan plugin [patch_id=1995022]. For WordPress code the robust form of this fix is to pass every dynamic value through $wpdb->prepare() with %s, %d or %f placeholders (wrapping values destined for a LIKE clause with $wpdb->esc_like() first), rather than relying on input sanitization alone.
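The attack described under Exploitation and the fix described here, as an added example that is not Dokan's code and does not reproduce the actual vulnerable code path (which the advisory does not publish). The table name `wp_dokan_stores`, its rows, the `store_name` parameter and the payload are all constructed for illustration; the example uses an in-memory SQLite database through PDO so it runs stand-alone with the `php` CLI, while the comments give the `$wpdb` equivalent a WordPress plugin would use.

```php
<?php
// Added example (not from the Dokan plugin): a CWE-89 pattern beside its fix.
// Hypothetical table and rows, constructed so the script runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE wp_dokan_stores (id INTEGER, store_name TEXT, owner_email TEXT)');
$db->exec("INSERT INTO wp_dokan_stores VALUES
    (1, 'Alpha Shop', 'alpha@example.test'),
    (2, 'Beta Goods', 'beta@example.test')");

// Vulnerable form: the request parameter is interpolated into the statement.
// A quote in the value closes the string literal and everything after it is
// parsed as SQL. Passing the value through sanitize_text_field() first would
// not help: it strips tags and control characters, not SQL metacharacters.
function find_stores_vulnerable(PDO $db, string $store_name): array
{
    $sql = "SELECT id, store_name FROM wp_dokan_stores WHERE store_name = '$store_name'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Fixed form: the value is bound as a parameter and can only ever be data.
// WordPress equivalent:
//   $wpdb->get_results($wpdb->prepare(
//       "SELECT id, store_name FROM {$wpdb->prefix}dokan_stores WHERE store_name = %s",
//       $store_name));
// For a LIKE clause, bind '%' . $wpdb->esc_like($store_name) . '%' instead.
function find_stores_fixed(PDO $db, string $store_name): array
{
    $stmt = $db->prepare('SELECT id, store_name FROM wp_dokan_stores WHERE store_name = ?');
    $stmt->execute([$store_name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed payload: closes the literal, appends a UNION that reads a column
// the query was never meant to expose, and comments out the trailing quote.
$payload = "x' UNION SELECT id, owner_email FROM wp_dokan_stores -- ";

echo "vulnerable query:\n";
print_r(find_stores_vulnerable($db, $payload));

echo "prepared query:\n";
print_r(find_stores_fixed($db, $payload));
```

Run with `php example.php`. The vulnerable function returns the `owner_email` column of every store under the `store_name` heading, because the UNION became part of the statement; the prepared version returns no rows, because the whole payload was compared as a literal store name. The same contrast is what a reviewer should look for in the 3.7.6 diff: the parameter moving from string interpolation into a `$wpdb->prepare()` placeholder.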
Preconditions
- auth: The vulnerability is exploitable by unauthenticated users.
Reproduction
https://wpscan.com/vulnerability/fd416d99-1970-418f-81f5-8438490d4479
Generated on Jun 1, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
1. https://wpscan.com/vulnerability/fd416d99-1970-418f-81f5-8438490d4479 (MITRE reference tags: exploit, vdb-entry, technical-description)
News mentions
No linked articles in our index yet.