A critical vulnerability in a cryptocurrency widget plugin for WordPress has been flagged, allowing attackers to extract sensitive information from the database. The plugin, versions 2.0 to 2.6.5, is susceptible to SQL Injection due to insufficient parameter escaping and query preparation. Additionally, a cybersecurity risk related to Bitcoin’s inscriptions has been identified, with potential exploitation of vulnerabilities in Bitcoin Core and Bitcoin Knots versions.
read more