CVE Catalog

CVE-2026-56033

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Summary

A vulnerability in the Dokan Pro plugin version 5.0.4 and earlier allows an unauthenticated attacker to escalate privileges. This means a person without a valid account can gain higher privileges in the system.

Risk Assessment

The risk is that an unauthenticated attacker can take over an administrator account or gain access to sensitive functions, potentially leading to full compromise of the WordPress site.

Recommendation

It is recommended to immediately update the Dokan Pro plugin to a version newer than 5.0.4. Also check logs for suspicious activity and consider temporarily disabling the plugin until the update is applied.

Original NVD description (English source)

Unauthenticated Privilege Escalation in Dokan Pro <= 5.0.4 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS