Dokan Order Approval Security & Risk Analysis

wordpress.org/plugins/dokan-order-approval

Dokan Vendor needs to approve order before payment is processed.

50 active installs · v2.0.6 · PHP 5.4+ · WP 4.0+ · Updated: Unknown
Tags: dokan, dokan-lite, dokan-order, dokan-order-approval, dokan-pre-order
Score: 100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Dokan Order Approval Safe to Use in 2026?

Generally Safe

Score 100/100

Dokan Order Approval has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The Dokan Order Approval plugin v2.0.7 exhibits a strong security posture based on the provided static analysis and vulnerability history. The absence of identified AJAX handlers, REST API routes, shortcodes, and file operations significantly limits the potential attack surface. The code analysis shows no dangerous functions, no raw SQL queries (all use prepared statements), and a high percentage of properly escaped output, which are all positive indicators. The lack of any recorded vulnerabilities, including CVEs, further reinforces this good security standing.

However, a notable concern is the complete absence of nonce checks and capability checks in the code. While the current analysis shows no unprotected entry points, the lack of these fundamental WordPress security mechanisms means that if any new entry points were introduced or if existing ones were misconfigured, they would be immediately vulnerable to exploitation. The single cron event also presents a potential, albeit small, avenue for attackers if not properly secured, although the analysis doesn't indicate any issues with it.

In conclusion, the plugin demonstrates good development practices in areas like SQL handling and output escaping, and its historical lack of vulnerabilities is reassuring. Nevertheless, the complete omission of nonce and capability checks is a significant weakness that introduces an unnecessary risk. Addressing this deficiency would greatly improve the plugin's overall security resilience.

Key Concerns

  • Missing nonce checks
  • Missing capability checks
Vulnerabilities
None known

Dokan Order Approval Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Dokan Order Approval Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 11 (39 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

78% escaped · 50 total outputs
Attack Surface

Dokan Order Approval Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks 23
Type  Hook  Location
filter  sgdoa_deactivate_feedback_form_plugins  dokan-order-approval.php:75
action  before_woocommerce_init  dokan-order-approval.php:111
action  before_woocommerce_init  dokan-order-approval.php:121
filter  woocommerce_email_enabled_new_order  includes\class-dokan-order-approval-vendor-order.php:39
filter  woocommerce_email_classes  includes\class-sg-dokan-order-approval-wc_email.php:12
action  plugins_loaded  includes\class-sg-dokan-order-approval.php:139
action  admin_enqueue_scripts  includes\class-sg-dokan-order-approval.php:155
action  admin_enqueue_scripts  includes\class-sg-dokan-order-approval.php:156
action  woocommerce_order_status_waiting  includes\class-sg-dokan-order-approval.php:158
action  dokan_order_detail_after_order_general_details  includes\class-sg-dokan-order-approval.php:160
filter  sg_oawoo_additional_settings  includes\class-sg-dokan-order-approval.php:163
action  woocommerce_admin_field_sgits_relative_select  includes\class-sg-dokan-order-approval.php:166
action  woocommerce_thankyou  includes\class-sg-dokan-order-approval.php:171
filter  plugin_row_meta  includes\class-sg-dokan-order-approval.php:180
action  wp  includes\class-sg-dokan-order-approval.php:183
action  sgits_doa_cancel_unpaid_orders_action_hook  includes\class-sg-dokan-order-approval.php:184
action  admin_notices  includes\class-sg-dokan-order-approval.php:186
action  wp_head  includes\class-sg-dokan-order-approval.php:205
filter  dokan_my_account_my_sub_orders_actions  includes\class-sg-dokan-order-approval.php:206
action  dokan_get_order_status_class  includes\class-sg-dokan-order-approval.php:207
action  dokan_get_order_status_translated  includes\class-sg-dokan-order-approval.php:208
action  admin_enqueue_scripts  plugin-deactivation-survey\deactivate-feedback-form.php:17
filter  sgdoa_deactivate_feedback_form_plugins  plugin-deactivation-survey\deactivate-feedback-form.php:79

Scheduled Events 1

sgits_doa_cancel_unpaid_orders_action_hook
Maintenance & Trust

Dokan Order Approval Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Unknown
PHP min version: 5.4
Downloads: 12K

Community Trust

Rating: 92/100
Number of ratings: 5
Active installs: 50
Developer Profile

Dokan Order Approval Developer Profile

Sarankumar

12 plugins · 3K total installs

Trust score: 88
Avg Security Score: 91/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Dokan Order Approval

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/dokan-order-approval/admin/css/dokan-order-approval-pro-admin.css
/wp-content/plugins/dokan-order-approval/admin/css/settings-sidebar.css
/wp-content/plugins/dokan-order-approval/admin/css/common.css

HTML / DOM Fingerprints

CSS Classes
dokan-panel
dokan-panel-default
dokan-panel-heading
FAQ

Frequently Asked Questions about Dokan Order Approval