CVE Catalog
CVE-2026-56033
CriticalCVSS 9.8Summary
A vulnerability in the Dokan Pro plugin version 5.0.4 and earlier allows an unauthenticated attacker to escalate privileges. This means a person without a valid account can gain higher privileges in the system.
Risk Assessment
The risk is that an unauthenticated attacker can take over an administrator account or gain access to sensitive functions, potentially leading to full compromise of the WordPress site.
Recommendation
It is recommended to immediately update the Dokan Pro plugin to a version newer than 5.0.4. Also check logs for suspicious activity and consider temporarily disabling the plugin until the update is applied.
Original NVD description (English source)
Unauthenticated Privilege Escalation in Dokan Pro <= 5.0.4 versions.

