Vulnerabilities and security researches forcryptocurrency-widgets-pack cryptocurrency-widgets-pack
Direction: ascendingJun 06, 2024
Cryptocurrency Widgets Pack # CVE-2022-4059
- CVE, Research URL
- Home page URL
- Application
- Date
- Jan 03, 2023
- Research Description
- The Cryptocurrency Widgets Pack WordPress plugin before 2.0 does not sanitise and escape some parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.
- Affected versions
-
max 2.0.
- Status
-
vulnerable
Cryptocurrency Widgets Pack # CVE-2022-44588
- CVE, Research URL
- Home page URL
- Application
- Date
- Dec 16, 2022
- Research Description
- Unauth. SQL Injection vulnerability in Cryptocurrency Widgets Pack Plugin <=1.8.1 on WordPress.
- Affected versions
-
max 2.0.
- Status
-
vulnerable
Apr 02, 2025
Cryptocurrency Widgets Pack # CVE-2025-31539
- CVE, Research URL
- Home page URL
- Application
- Date
- Mar 31, 2025
- Research Description
- Missing Authorization vulnerability in Blocksera Cryptocurrency Widgets Pack allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cryptocurrency Widgets Pack: from n/a through 2.0.1.
- Affected versions
-
max 2.0.1.
- Status
-
vulnerable