Crypto:
32778
Bitcoin:
$101.014
% 0.39
BTC Dominance:
%55.2
% 0.30
Market Cap:
$3.64 T
% 1.06
Fear & Greed:
76 / 100
Bitcoin:
$ 101.014
BTC Dominance:
% 55.2
Market Cap:
$3.64 T

Wordpress Crypto Plugin Causes Vulnerability

Wordpress

A vulnerability in a WordPress plugin designed for cryptocurrency widgets has raised concerns over the potential leakage of sensitive information. 

Warns About Plugins Safety (Wordpress)

The plugin in question, “Cryptocurrency Widgets – Price Ticker & Coins List,” has been identified by the Cyber Security Agency of Singapore (CSA) as carrying a critical vulnerability across versions 2.0 through 2.6.5.

SingCERT, the Singapore Cyber Emergency Response Team, issued a security bulletin warning about the plugin’s susceptibility to exploitation. Rated at a base score of 9.8 out of 10 by the National Vulnerability Database (NVD), the plugin’s vulnerability lies in its handling of user-supplied parameters. Specifically, the ‘coinslist’ parameter is vulnerable to SQL injection attacks due to insufficient escaping and preparation on existing SQL queries.

This SQL injection vulnerability enables attackers to extract sensitive information from the database by injecting additional SQL queries, even without authentication. The plugin, attributed to a vendor named “Narinder-Singh,” has been identified as problematic in versions 2.0 through 2.6.5 by the security firm CVE Program.


Also, you can freely share your thoughts and comments about the topic in the comment section. Additionally, please follow us on our TelegramYouTube and Twitter channels for the latest news and updates.

Rate this post
READ:  Assassination Attempt on Donald Trump!

Leave a Reply

Your email address will not be published. Required fields are marked *