CVE-2025-62124

CVE-2025-62124 affects WP Post Signature (Soli WP Post Signature) up to version 0.4.1. Vulnerability: Improper neutralization of input during web page generation leading to Stored XSS. According to public data, exploitability is NETWORK-based with LOW attack complexity, but requires HIGH privileg...

WordPress WP Post Signature plugin <= 0.4.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin WP Post Signature versions = 0.4.1...

EUVD-2017-11416

Malware in sbrugna...

CVE-2023-6740

Privilege escalation in jarsignature agent plugin in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows local user to escalate privileges...

CVE-2025-32917

Privilege escalation in jarsignature agent plugin in Checkmk versions 2.4.0b7 beta, 2.3.0p32, 2.2.0p42, and 2.1.0p49 EOL allow user with write access to JAVAHOME/bin directory to escalate privileges...

Checkmk 安全漏洞

Checkmk is an IT monitoring platform from Checkmk, Inc. Checkmk has a security vulnerability that stems from elevated privileges in the jarsignature proxy plugin, which could lead to elevated privileges. The following versions are affected: versions prior to 2.4.0b7, versions prior to 2.3.0p32,...

WordPress plugin WordPress Signature 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin WordPress...

WordPress Signature plugin <= 0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin WordPress Signature versions = 0.1...

Vanilla: Persistent XSS via Signatures

Description ----------- The current version of the signature plugin 1.6.1 is vulnerable to persistent XSS as the Format parameter is echoed without encoding. POC --- Prerequisite: Enable the Signatures plugin To place the payload, the following request can be used it's simply the request that is...

CVE-2017-2233

Untrusted search path vulnerability in Installer of PDF Digital Signature Plugin G2.30 and earlier, distributed till June 29, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

CVE-2017-2233

Untrusted search path vulnerability in Installer of PDF Digital Signature Plugin G2.30 and earlier, distributed till June 29, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

CVE-2017-2233

CVE-2017-2233 corresponds to an untrusted search path vulnerability in the Installer of PDF Digital Signature Plugin (G2.30) and earlier. The root cause is insecure DLL search path loading (CWE-427), which could allow arbitrary code execution when a user invokes the installer. Affected product: I...

Installer of PDF Digital Signature Plugin Insecurely Loads Dynamic Link Library Vulnerability

PDF Digital Signature Plugin is a digital signature plugin for PDF documents, it can add and edit different digital signatures for PDF documents.Installer is its installation program. A security vulnerability exists in the installer of PDF Digital Signature Plugin. An attacker could exploit this...

Installer of PDF Digital Signature Plugin provided by the Ministry of Justice may insecurely load Dynamic Link Libraries

Overview Installer of PDF Digital Signature Plugin provided by the Ministry of Justice contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Yuji Tounai of NTT Communications Corporation and Eili Masami of Tachibana Lab. reported this...