Unknown · Gosign Desktop · CVE-2025-34324
**Name of the Vulnerable Software and Affected Versions**
GoSign Desktop versions 2.4.0 and earlier
**Description**
GoSign Desktop versions 2.4.0 and earlier fetch an unsigned update manifest when checking for application updates. The manifest lists package URLs and their SHA-256 hashes but carries no digital signature, so the client's only assurance that the manifest is genuine is the TLS channel it arrived over. When TLS certificate validation is disabled through the proxy configuration, an attacker who can intercept network traffic can serve a malicious manifest together with a malicious package whose SHA-256 matches the hash in that manifest; because the attacker controls both, the hash check passes. The client then downloads and installs the attacker's package, which can result in arbitrary code execution with the privileges of the GoSign Desktop user on Windows and macOS, or with elevated privileges on certain Linux deployments. A local attacker who can modify the proxy settings can exploit the same weakness to escalate privileges by installing a crafted update.
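To make the weakness concrete, the following Go program, added here as an illustration and not code from GoSign Desktop or its vendor, models the two verification flows side by side: the vulnerable one, which trusts whatever manifest arrives and only checks that the package hash matches it, and a hardened one, which requires an Ed25519 signature over the manifest from a key pinned in the client before the hash is trusted. The manifest field names, URLs, package bytes and key handling are all constructed for the example; the proxy and TLS layer is not modelled, since the point is that a hash check alone cannot detect a manifest that was substituted along with the package.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Manifest carries what the advisory says the update manifest contains:
// package URL and SHA-256. The JSON field names are assumed for this example.
type Manifest struct {
	Version string `json:"version"`
	URL     string `json:"url"`
	SHA256  string `json:"sha256"`
}

// packageHashMatches is the only integrity check the vulnerable design has.
func packageHashMatches(m Manifest, pkg []byte) bool {
	want, err := hex.DecodeString(m.SHA256)
	if err != nil || len(want) != sha256.Size {
		return false
	}
	got := sha256.Sum256(pkg)
	return subtle.ConstantTimeCompare(want, got[:]) == 1
}

// verifyUnsignedUpdate models the vulnerable flow: the manifest is trusted
// as received, so whoever serves manifest and package together passes.
func verifyUnsignedUpdate(manifestJSON, pkg []byte) (Manifest, error) {
	var m Manifest
	if err := json.Unmarshal(manifestJSON, &m); err != nil {
		return Manifest{}, err
	}
	if !packageHashMatches(m, pkg) {
		return Manifest{}, errors.New("package SHA-256 does not match manifest")
	}
	return m, nil
}

// verifySignedUpdate is the hardened flow: the manifest bytes must verify
// under an Ed25519 public key pinned in the client before the hash inside
// it is trusted, so authenticity no longer rests on the TLS channel.
func verifySignedUpdate(pinned ed25519.PublicKey, manifestJSON, sig, pkg []byte) (Manifest, error) {
	if !ed25519.Verify(pinned, manifestJSON, sig) {
		return Manifest{}, errors.New("manifest not signed by the pinned vendor key")
	}
	return verifyUnsignedUpdate(manifestJSON, pkg)
}

// craftManifest builds a manifest whose hash matches pkg. The vendor does this
// legitimately; an on-path attacker does the same thing in the attack.
func craftManifest(version, url string, pkg []byte) []byte {
	h := sha256.Sum256(pkg)
	b, _ := json.Marshal(Manifest{Version: version, URL: url, SHA256: hex.EncodeToString(h[:])})
	return b
}

// AttackerSubstitution forges a manifest/package pair without the vendor key
// and reports whether each flow accepts it. The attacker may sign with their
// own key; the hardened client only honours the pinned vendor key.
func AttackerSubstitution() (unsignedAccepts, signedAccepts bool) {
	vendorPub, _, _ := ed25519.GenerateKey(rand.Reader)
	_, attackerPriv, _ := ed25519.GenerateKey(rand.Reader)
	malicious := []byte("constructed: attacker-controlled installer bytes")
	forged := craftManifest("2.4.1", "https://updates.example.invalid/gosign.pkg", malicious)

	_, err := verifyUnsignedUpdate(forged, malicious)
	unsignedAccepts = err == nil
	_, err = verifySignedUpdate(vendorPub, forged, ed25519.Sign(attackerPriv, forged), malicious)
	signedAccepts = err == nil
	return
}

// GenuineUpdate checks that the hardened flow accepts a vendor-signed manifest
// with its matching package and rejects the same manifest with a swapped package.
func GenuineUpdate() (genuineAccepts, tamperedAccepts bool) {
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(rand.Reader)
	pkg := []byte("constructed: genuine installer bytes")
	m := craftManifest("2.4.1", "https://updates.example.invalid/gosign.pkg", pkg)
	sig := ed25519.Sign(vendorPriv, m)

	_, err := verifySignedUpdate(vendorPub, m, sig, pkg)
	genuineAccepts = err == nil
	_, err = verifySignedUpdate(vendorPub, m, sig, []byte("constructed: swapped package"))
	tamperedAccepts = err == nil
	return
}

func main() {
	u, s := AttackerSubstitution()
	fmt.Printf("forged update: unsigned flow accepts=%v, signed flow accepts=%v\n", u, s)
	g, tm := GenuineUpdate()
	fmt.Printf("genuine update: accepted=%v, swapped package accepted=%v\n", g, tm)
}
```

The forged pair passes the unsigned flow because the attacker computed the hash over bytes they chose; the signature check fails because the pinned key is fixed in the client, not delivered over the same channel as the manifest. Pinning the key (or a certificate chain anchored in the client) is what decouples update authenticity from whether TLS validation happens to be enabled.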
**Recommendations**
Update GoSign Desktop to a version later than 2.4.0. Until the update is applied, do not disable TLS certificate validation in the application's proxy configuration, and restrict which local users can change proxy settings, since both attack paths described above depend on that setting.