A popular WordPress plugin, “The Cryptocurrency Widgets – Price Ticker & Coins List,” has been flagged as a critical cybersecurity threat. The Cyber Security Agency of Singapore (CSA) issued an alert, rating the risk at a near-perfect 9.8 out of 10. This places the plugin in the highest tier of cybersecurity vulnerabilities.
The plugin’s flaw lies in its susceptibility to SQL Injection, particularly through its ‘coinslist’ parameter. This loophole, identified in versions 2.0 to 2.6.5, could let hackers extract sensitive data or manipulate database queries without authorization.
Cybersecurity experts at the CVE Program have pinpointed the issue of inadequate data handling by the plugin’s developer, Narinder-Singh.
Wider Implications for Crypto Security
Moreover, this incident spotlighted the broader security issue within the cryptocurrency sphere. Just weeks ago, Bitcoin ATM manufacturer Lamassu Industries patched a critical vulnerability that risked giving attackers complete control over its machines, underscoring the cybersecurity challenges in the crypto industry.
Hence, as digital currencies continue to grow, so does the importance of robust cybersecurity measures to protect users and their assets from such vulnerabilities.
Also Read: CoinMarketCap Incubates Galaxis for Web3 Innovation
