{"id":26069,"date":"2024-02-08T10:56:50","date_gmt":"2024-02-08T10:56:50","guid":{"rendered":"https:\/\/crowdfundjunction.com\/blog\/singapore-cybersecurity-agency-issues-alert-on-wordpress-plugin-vulnerability\/"},"modified":"2024-02-08T10:56:50","modified_gmt":"2024-02-08T10:56:50","slug":"singapore-cybersecurity-agency-issues-alert-on-wordpress-plugin-vulnerability","status":"publish","type":"post","link":"https:\/\/crowdfundjunction.com\/blog\/singapore-cybersecurity-agency-issues-alert-on-wordpress-plugin-vulnerability\/","title":{"rendered":"Singapore Cybersecurity Agency Issues Alert on WordPress Plugin Vulnerability"},"content":{"rendered":"<p><b>(Originally posted on : Crypto News &#8211; iGaming.org )<\/b><br \/>\n<\/p>\n<div>\n<p>A warning has been issued by the Cybersecurity Agency of Singapore (CSA) in relation to the WordPress plugin \u201cCryptocurrency Widgets \u2013 Price Ticker &amp; Coins List\u201d. An alert from the CSA states that versions 2.0 to 2.6.5 are vulnerable to SQL exploits through the use of the \u2018coinslist\u2019 argument.<\/p>\n<p>According to the CSA, the vulnerability results from poor escape on user-supplied arguments and poor planning on pre-existing SQL queries. This vulnerability might enable unauthorized attackers to insert more SQL queries, increasing the possibility that private information could be taken from a website\u2019s database.<\/p>\n<h2><strong>Plugin Details and Developer Information<\/strong><\/h2>\n<p>According to material on the WordPress website, Narinder Singh is credited as co-founding CryptocurrencyPlugins by CoolPlugins.net, and this is the plugin in dispute.<\/p>\n<p>Though it has amassed more than 10,000 downloads and has a five-star rating from more than 150 reviews on WordPress\u2019 marketplace, it is unclear exactly how many people are impacted. While the plugin\u2019s page indicates that there has been an update to 2.6.6, it is unclear if this most recent version resolves the issue. CoolPlugins.net hasn\u2019t made any public remarks on the situation as of yet.<\/p>\n<p>A related incident from October 2023 was covered by crypto.news, which revealed a concerning pattern in which malevolent individuals used BNB Chain\u2019s smart contracts to spread malware, specifically aimed at WordPress websites. Cybersecurity specialists warn that hackers might secretly incorporate dangerous scripts into smart contracts and turn them into free and covert platforms for hosting malicious activity by injecting code that can extract partial payloads from smart contracts.<\/p>\n<div class=\"main-org-3-item-ins box-100 relative mb-4\">\n<div class=\"space-org-3-items box-100 relative\">\n<div class=\"box-100 space-org-3-item relative border-tb mt-1 \">\n<div class=\"space-org-3-item-ins box-100 relative\">\n<div class=\"space-org-3-item-terms box-25 relative\">\n<div class=\"space-org-3-item-terms-ins box-100 text-center relative\"> <strong><strong>Get 125% \/ $2,500 on 1st deposit!<\/strong><\/strong> <\/p>\n<p>New players only. Exclusive Welcome Bonus of up to $2,500<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<p>Vigilance and proactive actions are essential to protect against new attacks and vulnerabilities as the cybersecurity landscape changes.<\/p>\n<\/p><\/div>\n<p><a href=\"https:\/\/igaming.org\/crypto\/singapore-cybersecurity-agency-issues-alert-on-wordpress-plugin-vulnerability\/\">Source link <\/a><br \/>\n<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>(Originally posted on : Crypto News &#8211; iGaming.org ) A warning has been issued by the Cybersecurity Agency of Singapore (CSA) in relation to the WordPress plugin \u201cCryptocurrency Widgets \u2013 Price Ticker &amp; Coins List\u201d. An alert from the CSA states that versions 2.0 to 2.6.5 are vulnerable to SQL exploits through the use of [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":26070,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0},"categories":[34],"tags":[],"_links":{"self":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts\/26069"}],"collection":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/comments?post=26069"}],"version-history":[{"count":0,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts\/26069\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/media\/26070"}],"wp:attachment":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/media?parent=26069"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/categories?post=26069"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/tags?post=26069"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}