Popular Crypto Plugin Suffers from Critical Security Vulnerability

February 9, 2024
1 min read


A critical security flaw has been identified in a popular WordPress plugin called “The Cryptocurrency Widgets – Price Ticker & Coins List.” The Cyber Security Agency of Singapore (CSA) has rated the vulnerability as a near-perfect 9.8 out of 10. The flaw is related to SQL Injection through the plugin’s ‘coinslist’ parameter, which could allow hackers to extract sensitive data or manipulate database queries without authorization.

According to the CVE Program, the vulnerability exists in versions 2.0 to 2.6.5 of the plugin. Cybersecurity experts have noted the issue of inadequate data handling by the plugin’s developer, Narinder-Singh. This incident highlights the broader security challenges faced by the cryptocurrency industry. Just weeks ago, Bitcoin ATM manufacturer Lamassu Industries patched a critical vulnerability that risked giving attackers control over its machines.

The incident underscores the importance of robust cybersecurity measures to protect users and their assets in the growing cryptocurrency industry.

(400 words)

Latest from Blog

Top CISA official looks back on four years of cyber work

TLDR: Eric Goldstein, a top official at CISA, reflects on progress made in cybersecurity during his tenure. Key achievements include understanding cyber risks, collaboration with industry, and encouraging secure product development. Eric

Juggling AI cybersecurity highs and lows

TLDR: At the 2024 MIT Sloan CIO Symposium, industry leaders discussed the challenge of balancing AI’s benefits with its security risks, particularly focusing on generative AI. While generative AI can bring benefits

Get your free Cyber Security eBook now Valued at $169

“`html TLDR: Key Points: Claim your complimentary eBook worth $169 for free before May 22. The eBook covers practical applications of cyber security and network security for professionals, engineers, scientists, and students.