cleantalk
Vulnerabilities and Security Researches

Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy, CVE-2022-3194

CVE, Research URL

CVE-2022-3194

Home page URL

Security reports for Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy

Application

Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy

Published on
Jan 16, 2024
Research Description
The Dokan WordPress plugin before 3.6.4 allows vendors to inject arbitrary javascript in product reviews, which may allow them to run stored XSS attacks against other users like site administrators.
Affected versions
max 3.6.6.
Status
vulnerable
Previous vulnerability researches
Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy (CVE-2025-53425) , Nov 10, 2025
Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy (CVE-2022-3915) , Jun 07, 2024
Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy (CVE-2020-36748) , Jun 07, 2024
Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy (CVE-2023-34382) , Jun 07, 2024
Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy (CVE-2022-3194) , Jun 07, 2024
New vulnerability
WP Statistics (CVE-2025-9816) , Nov 10, 2025
GenerateBlocks (CVE-2025-11879) , Nov 10, 2025
Schema & Structured Data for WP & AMP (CVE-2025-11502) , Nov 10, 2025
OOPSpam Anti-Spam (CVE-2025-12094) , Nov 10, 2025
Playerzbr (CVE-2025-11825) , Nov 10, 2025