CVE-2022-3915

9.8 CRITICAL

📋 TL;DR

This vulnerability allows unauthenticated attackers to execute arbitrary SQL commands on WordPress sites using the Dokan plugin. Attackers can potentially read, modify, or delete database content, including sensitive user data. All WordPress sites with vulnerable Dokan plugin versions are affected.

💻 Affected Systems

Products:
  • Dokan WordPress Plugin
Versions: All versions before 3.7.6
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with Dokan plugin enabled. No special configuration needed for exploitation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise leading to data theft, site defacement, privilege escalation, and potential remote code execution via database functions.

🟠 Likely Case

Data exfiltration of user information, plugin settings manipulation, and potential administrative access through user account compromise.

🟢 If Mitigated

Limited impact with proper input validation, database user privilege restrictions, and web application firewall rules in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection via unsanitized parameter makes exploitation straightforward for attackers with basic SQL knowledge.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.7.6

Vendor Advisory: https://wpscan.com/vulnerability/fd416d99-1970-418f-81f5-8438490d4479

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find the Dokan plugin and click 'Update Now'.
4. Verify that the version shown is 3.7.6 or higher.

🔧 Temporary Workarounds

Temporary Plugin Deactivation (all)

Disable the Dokan plugin until patching is possible:

wp plugin deactivate dokan

Web Application Firewall Rules (all)

Block SQL injection patterns targeting Dokan endpoints.

🧯 If You Can't Patch

  • Implement strict input validation for all user-supplied parameters
  • Restrict database user permissions to minimum required operations

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel → Plugins → Dokan → Version number. If it is below 3.7.6, the site is vulnerable.

Check Version:

wp plugin get dokan --field=version

Verify Fix Applied:

Confirm Dokan plugin version is 3.7.6 or higher in WordPress admin panel.
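The version check above can be automated for a fleet of sites. The script below is an added example (not code from the advisory, WPScan or the Dokan project): it compares an installed version string against the patched release 3.7.6 numerically rather than as text, so that a version such as 3.10.0 is not mistaken for an older one, and it wraps the wp-cli command from the page. It assumes wp-cli is on PATH as `wp`; the version strings in the demonstration are constructed.

```python
import re
import subprocess

# Version in which the vendor fixed CVE-2022-3915 (from the advisory above).
PATCHED_VERSION = "3.7.6"


def parse_version(version: str) -> tuple:
    """Turn '3.7.6' into (3, 7, 6) so that versions compare numerically.

    Only the leading digits of each dot-separated component are used, so a
    tag such as '3.7.6-rc1' compares as (3, 7, 6). Missing components are
    treated as 0, so '3.7' compares as '3.7.0'.
    """
    parts = []
    for component in version.strip().split("."):
        match = re.match(r"\d+", component)
        parts.append(int(match.group()) if match else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_vulnerable(installed_version: str) -> bool:
    """True when the installed Dokan version predates the patched release."""
    return parse_version(installed_version) < parse_version(PATCHED_VERSION)


def installed_dokan_version(wp_binary: str = "wp") -> str:
    """Ask wp-cli for the installed Dokan version (the command from the page).

    Run this on the WordPress host; it raises if wp-cli or the plugin is
    missing. Assumption: wp-cli is reachable on PATH as 'wp'.
    """
    result = subprocess.run(
        [wp_binary, "plugin", "get", "dokan", "--field=version"],
        capture_output=True, text=True, check=True,
    )
    return result.stdout.strip()


if __name__ == "__main__":
    # Offline demonstration on constructed version strings; a naive string
    # comparison would wrongly rank '3.10.0' below '3.7.6'.
    for sample in ("3.7.5", "3.7.6", "3.10.0", "2.9.0"):
        state = "VULNERABLE" if is_vulnerable(sample) else "patched"
        print(f"Dokan {sample}: {state}")
```

On a live host, replace the constructed samples with `installed_dokan_version()`; a `CalledProcessError` means wp-cli could not read the plugin, which usually indicates the plugin is not installed rather than that it is safe.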

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in WordPress logs
  • Multiple failed login attempts from single IP
  • Unexpected database queries in application logs

Network Indicators:

  • HTTP requests with SQL injection patterns to Dokan endpoints
  • Unusual outbound database connections

SIEM Query:

source="wordpress.log" AND ("SQL syntax" OR "database error" OR "dokan")
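For sites without a SIEM, the same network indicator (SQL injection patterns in requests to Dokan endpoints) can be checked directly against the web server access log. The script below is an added example written for this page, not detection logic from the advisory or the Dokan project: it parses combined-format access log lines, URL-decodes the request target, matches a handful of generic SQL injection tokens and reports which hits touch a path or parameter mentioning Dokan. The log lines, IP addresses and request paths are constructed placeholders; they are not real Dokan routes.

```python
import re
from urllib.parse import unquote_plus

# Apache/nginx "combined"-style access log line; only the fields used here.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Generic SQL injection tokens, applied to the URL-decoded request target.
SQLI_SIGNATURES = [
    (re.compile(r"(?i)union\s+(all\s+)?select"), "UNION SELECT"),
    (re.compile(r"(?i)\b(sleep|benchmark)\s*\("), "time-based SQL function"),
    (re.compile(r"(?i)'\s*(or|and)\s*'?\w+'?\s*=\s*'?\w+"), "tautology after quote"),
    (re.compile(r"(?i)information_schema"), "schema enumeration"),
    (re.compile(r"(--(\s|$)|/\*)"), "SQL comment sequence"),
]


def analyse_request(line: str):
    """Return a finding dict for a suspicious line, or None for a benign one."""
    m = LOG_LINE.match(line)
    if not m:
        return None
    decoded = unquote_plus(m.group("target"))
    reasons = [label for pattern, label in SQLI_SIGNATURES if pattern.search(decoded)]
    if not reasons:
        return None
    return {
        "ip": m.group("ip"),
        "target": decoded,
        "status": int(m.group("status")),
        "dokan_related": "dokan" in decoded.lower(),
        "reasons": reasons,
    }


def flag_requests(lines, dokan_only: bool = True):
    """Findings for every suspicious line; by default only Dokan-related ones."""
    findings = []
    for line in lines:
        finding = analyse_request(line)
        if finding and (finding["dokan_related"] or not dokan_only):
            findings.append(finding)
    return findings


# Constructed sample log. The paths are placeholders chosen to contain the
# string "dokan"; they are not real Dokan endpoints.
SAMPLE_LOG = [
    '203.0.113.10 - - [10/Nov/2022:12:00:01 +0000] "GET /wp-json/dokan/v1/example?per_page=10 HTTP/1.1" 200 5120',
    '203.0.113.10 - - [10/Nov/2022:12:00:02 +0000] "GET /?dokan_example=1%27%20OR%201%3D1-- HTTP/1.1" 500 0',
    '198.51.100.7 - - [10/Nov/2022:12:00:03 +0000] "GET /wp-admin/admin-ajax.php?action=dokan_example&id=1%20UNION%20SELECT%201,2,3 HTTP/1.1" 200 0',
    '198.51.100.7 - - [10/Nov/2022:12:00:04 +0000] "GET /shop/product-a/ HTTP/1.1" 200 8000',
    '192.0.2.5 - - [10/Nov/2022:12:00:05 +0000] "POST /wp-login.php HTTP/1.1" 200 2000',
    '192.0.2.5 - - [10/Nov/2022:12:00:06 +0000] "GET /?p=1%20UNION%20SELECT%201 HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for finding in flag_requests(SAMPLE_LOG):
        print(f'{finding["ip"]} status={finding["status"]} '
              f'reasons={finding["reasons"]} target={finding["target"]}')
```

The `dokan_only` switch mirrors the advisory's "Dokan endpoints" indicator; run with `dokan_only=False` to see the same signatures across the whole site. A 500 status paired with a flagged request is worth correlating with the "Unusual SQL error messages" log indicator above, since a malformed injected query often surfaces as a database error on the application side.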
