Dokan: AI Powered WooCommerce Multivendor Marketplace Solution <= 5.0.4 - Authenticated (Custom+) Stored Cross-Site Scripting via Product SKU

Description

A vulnerability identified as problematic has been detected in dokaninc Dokan Plugin up to 5.0.4 on WordPress. Impacted is the function html. This manipulation causes cross site scripting. This vulnerability is tracked as CVE-2026-11783. The attack is possible to be carried out remotely. No exploit exists. You should upgrade the affected component.

Affected Products

Vendor	Product	Versions
dokan	dokan: ai powered woocommerce multivendor marketplace solution	0, 5.0.4

References

Related News (1 articles)

Tier C

VulDB18h ago

CVE-2026-11783 | dokaninc Dokan Plugin up to 5.0.4 on WordPress html cross site scripting

→ No new info (linked only)

CVSS 3.16.4 HIGH

VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-79

PublishedJun 27, 2026

Last enriched17h agov2

Trending Score43

Source articles1

Independent1

Info Completeness8/14

Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

Dokan: AI Powered WooCommerce Multivendor Marketplace Solution <= 5.0.4 - Authenticated (Custom+) Stored Cross-Site Scripting via Product SKU

Description

Affected Products

References

Related News (1 articles)

Community Vote

Related CVEs (5)

Pin to Dashboard

Verification

Vulnerability Timeline

Version History