Title: Security Vulnerability
Last modified: October 7, 2020

---

# Security Vulnerability

 *  Resolved [loopforever](https://wordpress.org/support/users/loopforever/)
 * (@loopforever)
 * [5 years, 8 months ago](https://wordpress.org/support/topic/security-vulnerability-29/)
 * Hello,
    I think there may be a security vulnerability in the plugin. I wanted
   to ask you. Login url also appears on links sent to email addresses in various
   transactions. For example, I am using Dokan Vendor Staff Manager module. Imagine
   that your store has a new staff member added. He writes an e-mail address here.
   Personnel can create their password from the link sent to this e-mail address.
   So far there is no problem. However, in this link sent to the mail address, the“
   Login Url” address of the web page is also written. For example,
 * User name:XXX
    To set your password, visit: [http://www.wordpress.com/wp-login/?action=rp&key=R4](http://www.wordpress.com/wp-login/?action=rp&key=R4)…
 * As you can guess here, the wp-login part is “Login Url”. So I can see them in
   the e-mail address. Of course, so is the staff.

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [Shohan Hossain Nabil – a11n](https://wordpress.org/support/users/sohanhossain/)
 * (@sohanhossain)
 * [5 years, 8 months ago](https://wordpress.org/support/topic/security-vulnerability-29/#post-13510871)
 * Hello [@loopforever](https://wordpress.org/support/users/loopforever/),
 * Thank you for reaching us out. Dokan uses the default WordPress’s default welcome
   email template. You can use the plugin like SB Welcome Email Editor to modify
   the default welcome email template and remove the information you want. Also,
   if you are looking to modify the template manually then you can check [here](https://stackoverflow.com/questions/29229292/hide-or-remove-the-log-in-link-from-the-welcome-email-send-by-wordpress-for-ne).
 * We will try to improve this in our future release.
 * Kind Regards,
 *  Thread Starter [loopforever](https://wordpress.org/support/users/loopforever/)
 * (@loopforever)
 * [5 years, 8 months ago](https://wordpress.org/support/topic/security-vulnerability-29/#post-13510923)
 * Okay. Thank you. I am going to follow update.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Security Vulnerability’ is closed to new replies.

 * ![](https://ps.w.org/dokan-lite/assets/icon-256x256.gif?rev=3239229)
 * [Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy](https://wordpress.org/plugins/dokan-lite/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/dokan-lite/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/dokan-lite/)
 * [Active Topics](https://wordpress.org/support/plugin/dokan-lite/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/dokan-lite/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/dokan-lite/reviews/)

 * 2 replies
 * 2 participants
 * Last reply from: [loopforever](https://wordpress.org/support/users/loopforever/)
 * Last activity: [5 years, 8 months ago](https://wordpress.org/support/topic/security-vulnerability-29/#post-13510923)
 * Status: resolved