WP-Safety

Easy Digital Downloads Digital Signature Security & Risk Analysis

wordpress.org/plugins/edd-digital-signature-add-on

Automatically require your Easy Digital Downloads customers to sign a legally binding contract before downloading your product. Easy to Use.

80 active installs v1.8.0 PHP + WP 4.5+ Updated Jan 8, 2026
contract-plugindigital-signatureeasy-digital-downloadseasy-digital-downloads-digital-signaturewordpress-e-signature
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Easy Digital Downloads Digital Signature Safe to Use in 2026?

Generally Safe

Score 100/100

Easy Digital Downloads Digital Signature has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The EDD Digital Signature Add-On v1.8.0 exhibits a generally strong security posture based on the provided static analysis. The plugin demonstrates good practices by consistently using prepared statements for all SQL queries and by implementing nonce and capability checks on its entry points. The absence of dangerous functions, file operations, and external HTTP requests further contributes to a reduced attack surface.

However, a notable concern arises from the output escaping. With only 64% of outputs properly escaped, there is a significant risk of Cross-Site Scripting (XSS) vulnerabilities. This is particularly concerning given that the plugin has multiple entry points (AJAX handlers and shortcodes) where user-supplied data could potentially be rendered without adequate sanitization.

The plugin's vulnerability history is clean, with no recorded CVEs. This is a positive indicator, suggesting the developers have historically maintained a secure codebase. Nevertheless, the potential for XSS due to insufficient output escaping remains the primary weakness identified in this analysis.

Key Concerns

  • Insufficient output escaping (64%)
Vulnerabilities
None known

Easy Digital Downloads Digital Signature Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Easy Digital Downloads Digital Signature Release Timeline

v1.8.0Current
v1.7.9
v1.7.8
v1.7.7
v1.7.6
v1.7.4
v1.6.9
v1.6.7
v1.6.6
v1.6.1
v1.5.9
v1.5.7.5
v1.5.7.1
v1.5.6.9
v1.5.6.5
v1.5.6.0
v1.5.5.8
v1.5.5.3
v1.5.3.6
v1.5.1.0
Code Analysis
Analyzed Mar 16, 2026

Easy Digital Downloads Digital Signature Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
12 prepared
Unescaped Output
85
150 escaped
Nonce Checks
2
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared12 total queries

Output Escaping

64% escaped235 total outputs
Attack Surface

Easy Digital Downloads Digital Signature Attack Surface

Entry Points3
Unprotected0

AJAX Handlers 1

authwp_ajax_esig_EDD_ratting_widget_removerating-widget\esign-rating-widget.php:44

Shortcodes 2

[esig-edd-order-details] includes\esig-edd-admin.php:16
[esig-edd-order-details] includes\esig-edd-frontend.php:17
WordPress Hooks 37
actionadmin_noticesabout\autoload.php:27
actionesig_admin_noticesabout\autoload.php:29
actionin_admin_headerabout\autoload.php:81
actionadmin_menuabout\includes\esig-about-load.php:30
actionadmin_noticesautoload.php:27
actionesig_admin_noticesautoload.php:28
actionin_admin_headerautoload.php:77
actionplugins_loadededd-digital-signature.php:23
actionplugins_loadededd-digital-signature.php:62
actionadmin_enqueue_scriptsedd-digital-signature.php:100
filteresig_sif_buttons_filterincludes\edd-data.php:19
filteresig_text_editor_sif_menuincludes\edd-data.php:20
filteresig_admin_more_document_contentsincludes\edd-data.php:21
actionadmin_enqueue_scriptsincludes\edd-data.php:22
actionadd_meta_boxesincludes\esig-edd-admin-options.php:16
actionsave_postincludes\esig-edd-admin-options.php:18
filteredd_settings_miscincludes\esig-edd-admin-options.php:20
actionedd_esig_core_msgincludes\esig-edd-admin-options.php:22
filteresig_misc_more_document_actionsincludes\esig-edd-admin.php:14
filtershow_sad_invite_linkincludes\esig-edd-admin.php:15
actionedd_before_checkout_cartincludes\esig-edd-frontend.php:6
actionesig_after_sad_process_doneincludes\esig-edd-frontend.php:9
actionesig_approval_signer_addedincludes\esig-edd-frontend.php:10
actionedd_complete_purchaseincludes\esig-edd-frontend.php:12
actionedd_empty_cartincludes\esig-edd-frontend.php:15
filteredd_can_view_receiptincludes\esig-edd-frontend.php:18
actionedd_insert_paymentincludes\esig-edd-frontend.php:19
actionedd_complete_purchaseincludes\esig-edd-frontend.php:21
filteresignature_contentincludes\esig-edd-frontend.php:22
filteredd_can_view_receiptincludes\esig-edd-frontend.php:312
actionafter_plugin_rowincludes\esig-edd-requirement.php:17
actionadmin_initincludes\esig-edd-requirement.php:20
filterplugin_row_metaincludes\esig-edd-requirement.php:21
actionadmin_menuincludes\esig-edd-requirement.php:23
actionesig_admin_noticesrating-widget\esign-rating-widget.php:41
actionadmin_enqueue_scriptsrating-widget\esign-rating-widget.php:42
actionadmin_enqueue_scriptsrating-widget\esign-rating-widget.php:43
Maintenance & Trust

Easy Digital Downloads Digital Signature Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 8, 2026
PHP min version
Downloads15K

Community Trust

Rating60/100
Number of ratings4
Active installs80
Alternatives

Easy Digital Downloads Digital Signature Alternatives

Smart Agreements

Smart Agreements

smart-agreements

A
97

The smart agreements plugin helps to create a agreement/contract and digital signature

20 1 CVE
Bulk Edit Posts and Products in Spreadsheet

Bulk Edit Posts and Products in Spreadsheet

wp-sheet-editor-bulk-spreadsheet-editor-for-posts-and-pages

A
100

Modern Bulk Editor for Posts and Pages, create and edit hundreds of posts at once in a spreadsheet inside wp-admin. Search and quick edits.

9K No CVEs
Digital Signature For Contact Form 7

Digital Signature For Contact Form 7

digital-signature-for-contact-form-7

A
100

Contact Form 7 Signature Addon making autographs of people who want to get an E-signature in the system. We build too easy to access and use for users …

5K No CVEs
AffiliateWP – Affiliate Product Rates

AffiliateWP – Affiliate Product Rates

affiliatewp-affiliate-product-rates

A
92

Allows you to set product referral rates on a per-affiliate level in AffiliateWP.

2K No CVEs
AffiliateWP – Allowed Products

AffiliateWP – Allowed Products

affiliatewp-allowed-products

A
92

Allows only specific products to generate commission in AffiliateWP.

1K No CVEs
Developer Profile

Easy Digital Downloads Digital Signature Developer Profile

approveme

10 plugins · 4K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
15 days
View full developer profile
Detection Fingerprints

How We Detect Easy Digital Downloads Digital Signature

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/edd-digital-signature-add-on/assets/js/esign-iframe.js/wp-content/plugins/edd-digital-signature-add-on/about/assets/css/esig-snip-styles.css/wp-content/plugins/edd-digital-signature-add-on/about/assets/css/esig-about.css/wp-content/plugins/edd-digital-signature-add-on/assets/css/esig-about-alert.css
Script Paths
/wp-content/plugins/edd-digital-signature-add-on/assets/js/esign-iframe.js
Version Parameters
edd-digital-signature-add-on/assets/js/esign-iframe.js?ver=edd-digital-signature-add-on/about/assets/css/esig-snip-styles.css?ver=edd-digital-signature-add-on/about/assets/css/esig-about.css?ver=edd-digital-signature-add-on/assets/css/esig-about-alert.css?ver=

HTML / DOM Fingerprints

CSS Classes
bangBarerror
FAQ

Frequently Asked Questions about Easy Digital Downloads Digital Signature