The Cyber Security Agency of Singapore (CSA) Discovers Vulnerability in WordPress Crypto Plugin
The Cyber Security Agency of Singapore (CSA) has identified a vulnerability in the Cryptocurrency Widgets: Price Ticker & Coins List plugin for WordPress. This flaw could potentially expose sensitive user information, according to the CSA. The National Vulnerability Database (NVD) also confirms that the WordPress crypto plugin is susceptible to SQL Injection through the ‘coinslist’ parameter.
High Risk in WordPress Crypto Plugin, Security Agents Warn
The vulnerability in the plugin arises from inadequate escaping on the user-supplied parameter and insufficient preparation on the current SQL query. This vulnerability is present in versions 2.0 to 2.6.5 of the plugin.
The vulnerability allows attackers to add structured query language (SQL) requests to existing queries, which can result in the extraction of sensitive data from the database.
The plugin was developed by Narinder Singh, who is believed to be a co-founder of CryptocurrencyPlugins by CoolPlugins.net. It has received over 10,000 downloads and more than 150 five-star reviews. However, it is currently unclear how many users are affected by versions 2.0 to 2.6.5.
New Tactics by Hackers Targeting Crypto Platforms
Recent reports indicate that malicious actors are employing new tactics to attack crypto platforms. One such strategy involves distributing malware through BNB Chain’s smart contracts, specifically targeting WordPress-powered websites.
Experts warn that hackers may utilize smart contracts for anonymous and malicious hosting by embedding code to fetch payloads.
Disclaimer
Please note that the information provided is not financial advice and is intended for educational, entertainment, and informational purposes only. Any strategies or opinions discussed are based on the risk tolerance of the writer/reviewers and may differ from yours. We are not liable for any losses resulting from investments related to the information provided. Bitcoin and other cryptocurrencies are high-risk investments, so it is important to conduct thorough research.
Althea Burnett stands as a luminary seamlessly blending the roles of crypto analyst, relentless researcher, and editorial virtuoso into an intricate tapestry of insight. Amidst the dynamic realm of digital currencies, Althea’s insights resonate like finely tuned notes, reaching minds across diverse horizons. Her ability to decipher intricate threads of crypto intricacies harmonizes seamlessly with her editorial finesse, transforming complexity into an eloquent symphony of understanding. Guiding both intrepid explorers and curious newcomers, Althea’s insights serve as a compass for well-informed decision-making amidst the ever-evolving currents of cryptocurrencies. With the craftsmanship of a linguistic artisan, they craft narratives that enrich the evolving narrative of the crypto cosmos.
