Dokan WooCommerce Multivendor Marketplace Solution Sensitive Information Exposure Vulnerability

Vulnerability

A vulnerability allowing sensitive information exposure has been identified in the Dokan: AI Powered WooCommerce Multivendor Marketplace Solution plugin for WordPress, affecting all versions through 4.3.1. The issue arises in the '/dokan/v1/stores/{id}/reviews' REST API endpoint, where the 'prepare_reviews_for_response' method inadvertently includes reviewer email addresses, usernames, and user IDs in the response. This flaw enables unauthenticated attackers to extract the email addresses, usernames, and user IDs of customers who left reviews on any vendor's store. To exploit this vulnerability, the Pro version of the plugin must be installed and activated, with store reviews enabled.

Impact

Exploitation of this vulnerability allows for unauthorized access to sensitive information, specifically the email addresses, usernames, and user IDs of customers who have left reviews on vendor stores.

Reproduction

The vulnerability can be reproduced by sending a request to the '/dokan/v1/stores/{id}/reviews' endpoint without authentication. Replace '{id}' with the store ID of a vendor.
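The check below is an added example for the passages above, not code from the advisory or from the Dokan project: given a captured (already saved) JSON body from the reviews endpoint, it walks the document and reports every place where reviewer-identifying data appears, so a site owner can confirm the leak on a pre-4.3.2 install and confirm its absence after updating. The two sample bodies are constructed; their field names (`customer`, `username`, `email`, `user_id`, `reviewer_email`) are assumptions about how reviewer data might be keyed, not Dokan's actual schema, which is why the checker also flags any email-shaped string regardless of key name.

```python
import json
import re

# Constructed sample of a leaking response (pre-4.3.2 behaviour as described
# in the advisory). Key names are assumptions, not Dokan's real schema.
SAMPLE_RESPONSE = json.dumps([
    {
        "id": 17,            # review ID, not a user ID: must not be flagged
        "rating": 5,
        "content": "Great seller, fast shipping.",
        "customer": {
            "name": "Alice",
            "username": "alice42",
            "email": "alice@example.com",
            "user_id": 42,
        },
    },
    {
        "id": 18,
        "rating": 4,
        "content": "Item as described.",
        # differently named key: only the value pattern gives it away
        "reviewer": {"display_name": "Bob", "reviewer_email": "bob@example.com"},
    },
])

# Constructed sample of a response carrying only display names and ratings.
PATCHED_RESPONSE = json.dumps([
    {"id": 17, "rating": 5, "content": "Great seller, fast shipping.",
     "customer": {"name": "Alice"}},
    {"id": 18, "rating": 4, "content": "Item as described.",
     "reviewer": {"display_name": "Bob"}},
])

EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")

# Key names that identify a WordPress account beyond its display name
# (assumed names; extend if a site's schema differs).
IDENTIFYING_KEYS = {"email", "user_email", "username", "user_login", "user_id"}


def find_pii(node, path="", findings=None):
    """Recursively walk decoded JSON; map each offending path to its reasons.

    A leaf is reported if its key is one of IDENTIFYING_KEYS or if its
    string value looks like an e-mail address. Both reasons may apply.
    """
    if findings is None:
        findings = {}
    if isinstance(node, dict):
        for key, value in node.items():
            child = f"{path}.{key}" if path else key
            if key.lower() in IDENTIFYING_KEYS:
                findings.setdefault(child, []).append(f"identifying key '{key}'")
            find_pii(value, child, findings)
    elif isinstance(node, list):
        for index, item in enumerate(node):
            find_pii(item, f"{path}[{index}]", findings)
    elif isinstance(node, str) and EMAIL_RE.match(node):
        findings.setdefault(path, []).append("email-shaped value")
    return findings


def audit_response(raw_json):
    """Return {json_path: [reasons]} for reviewer-identifying data in a body."""
    return find_pii(json.loads(raw_json))


def is_leaking(raw_json):
    """True when the captured response exposes reviewer identity fields."""
    return bool(audit_response(raw_json))


if __name__ == "__main__":
    for label, body in (("vulnerable", SAMPLE_RESPONSE), ("patched", PATCHED_RESPONSE)):
        report = audit_response(body)
        print(f"{label}: {'LEAKING' if report else 'clean'}")
        for json_path, reasons in sorted(report.items()):
            print(f"  {json_path}: {', '.join(reasons)}")
```

Feed it the body saved from your own site's reviews endpoint before and after the update; a clean result after updating, together with a clean result for the review objects' remaining fields, is the evidence that the response no longer carries reviewer accounts' identifying data.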

Remediation

Users are advised to update the Dokan plugin to version 4.3.2 or later, where this vulnerability has been patched.

Added: May 2, 2026, 2:23 PM
Updated: May 2, 2026, 2:23 PM

Vulnerability Rating

Custom Algorithm
spread: 5.2
impact: 2.5
exploitability: 8.9
remediation: 7.7
relevance: 7.2
threat: 4.8
urgency: 2.9
incentive: 8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.