According to the security firm CVE Program, the “Cryptocurrency Widgets – Price Ticker & Coins List plugin” WordPress widget carries a critical vulnerability from versions 2.0 through 2.6.5.
Source:https://cointelegraph.com/news/wordpress-crypto-widget-plugin-risk-information-leak