Does Dokan Migrator have any unpatched vulnerabilities?

No. All known vulnerabilities in Dokan Migrator have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Dokan Migrator compatible with WordPress 6.8.5?

According to WordPress.org data, Dokan Migrator 1.1.3 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Dokan Migrator compatible with PHP 7.4+?

Dokan Migrator requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Dokan Migrator updated?

Dokan Migrator was last updated on Oct 29, 2025. Frequent updates are generally a positive security signal.

What is Dokan Migrator's security score?

Dokan Migrator has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Dokan Migrator Security & Risk Analysis

wordpress.org/plugins/dokan-migrator

Migrate your marketplace from WCFM, WC Vendors to Dokan with one click. Secure data transfer within minutes.

20 active installs v1.1.3 PHP 7.4+ WP 5.8+ Updated Oct 29, 2025

dokandokan-migratormultivendor-marketplace

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Dokan Migrator Safe to Use in 2026?

Generally Safe

Score 100/100

Dokan Migrator has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago

Risk Assessment

The Dokan Migrator plugin v1.1.3 exhibits a mixed security posture. While it shows good practices in SQL query preparation and output escaping, with 84% and 85% respectively, and no known historical vulnerabilities or bundled libraries, there are significant concerns regarding its attack surface.

The primary risk stems from the presence of 7 AJAX handlers, of which 4 lack proper authentication checks. Furthermore, the taint analysis identified 2 flows with unsanitized paths, rated as high severity. These unsanitized flows, coupled with unprotected AJAX endpoints, represent a clear pathway for potential attackers to execute malicious actions or expose sensitive data.

The plugin's clean vulnerability history is a positive sign, suggesting developers may be responsive to security issues when they arise. However, the current findings, particularly the unprotected AJAX endpoints and high-severity taint flows, indicate areas that require immediate attention. The plugin has strengths in its handling of SQL and output, but the exposed attack surface and potential for unsanitized data manipulation pose a notable risk.

Key Concerns

4 AJAX handlers without auth checks
2 high severity unsanitized taint flows
Only 1 nonce check for 7 entry points
Only 3 capability checks for 7 entry points

Vulnerabilities

None known

Dokan Migrator Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Dokan Migrator Code Analysis

Dangerous Functions

Raw SQL Queries

21 prepared

Unescaped Output

23 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

84% prepared25 total queries

Output Escaping

85% escaped27 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths

mark_completed (includes\Migrator\Ajax.php:206)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

4 unprotected

Dokan Migrator Attack Surface

Entry Points7

Unprotected4

AJAX Handlers 7

authwp_ajax_dokan_migrator_count_dataincludes\Migrator\Ajax.php:23

authwp_ajax_dokan_migrator_import_dataincludes\Migrator\Ajax.php:24

authwp_ajax_dokan_migrator_last_migratedincludes\Migrator\Ajax.php:25

authwp_ajax_dokan_migrator_active_vendor_dashboardincludes\Migrator\Ajax.php:26

authwp_ajax_reset_and_restart_migrationincludes\Migrator\Ajax.php:28

authwp_ajax_dokan_migrator_set_selected_stepsincludes\Migrator\Ajax.php:30

authwp_ajax_dokan_migrator_mark_completedincludes\Migrator\Ajax.php:32

WordPress Hooks 14

actionbefore_woocommerce_initdokan-migrator.php:91

actiondokan_loadeddokan-migrator.php:94

actiondokan_checkout_update_order_metaincludes\Abstracts\OrderMigration.php:302

actionadmin_noticesincludes\Admin\Manager.php:51

actionadmin_menuincludes\Admin\Menu.php:22

filterdokan_shipping_methodsincludes\Integrations\Wcfm\OrderMigrator.php:35

filterdokan_shipping_methodincludes\Integrations\Wcfm\OrderMigrator.php:37

actioninitincludes\Migrator\Assets.php:20

filterwoocommerce_email_classesincludes\Migrator\Manager.php:276

filterwoocommerce_template_directoryincludes\Migrator\Manager.php:284

filterwoocommerce_email_actionsincludes\Migrator\Manager.php:292

filterwoocommerce_email_classesincludes\Migrator\Manager.php:309

filterwoocommerce_template_directoryincludes\Migrator\Manager.php:316

filterwoocommerce_email_actionsincludes\Migrator\Manager.php:323

Maintenance & Trust

Dokan Migrator Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedOct 29, 2025

PHP min version7.4

Downloads3K

Community Trust

Rating20/100

Number of ratings2

Active installs20

Alternatives

Dokan Migrator Alternatives

Dokan Vendor Dashboard

dokan-vendor-dashboard

THIS IS AN ADD-ON TO USE WITH DOKAN AND DOKAN PRO PLUGINS.

400 No CVEs

Dokan Vendor Info Hider – Hide Vendor info from Store-list and store page

dokan-vendor-info-hider

This plugin will help you to hide the informations of vendors on your marketplace.

100 No CVEs

Migrate to WooCommerce Multivendor Marketplace

wc-multivendor-marketplace-migration

Migrate your WC Markerplace or WC Vendors Marketplace or Dokan Multivendor or WC Product Vendors store to WooCommerce Multivendor Marketplace (WCFM Ma …

40 No CVEs

Dokan Plus

dokan-plus

100

This plugin will help you to restrict your marketplace built with Dokan Multivendor Marketplace.

20 No CVEs

Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy

dokan-lite

Transform your WooCommerce site into a multivendor marketplace with Dokan – an AI powered & advanced WooCommerce marketplace solution

40K 7 CVEs

Developer Profile

Dokan Migrator Developer Profile

weDevs

20 plugins · 113K total installs

trust score

Avg Security Score

91/100

Avg Patch Time

366 days

View full developer profile

Detection Fingerprints

How We Detect Dokan Migrator

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/dokan-migrator/assets/dist/index.asset.php

HTML / DOM Fingerprints

JS Globals

dokan_migrator

Shortcode Output

<div id="dokan-migrator-app"></div>

FAQ