WP-Safety

Cryptocurrency Widgets – Price Ticker & Coins List Security & Risk Analysis

wordpress.org/plugins/cryptocurrency-price-ticker-widget

Display cryptocurrency price ticker widget, coins live price list, table, labels & coin marketcap via shortcodes.

8K active installs v2.10.1 PHP 7.2+ WP 6.0+ Updated Mar 23, 2026
coinmarketcapcrypto-price-updatescrypto-widgetscryptocurrencycryptocurrency-price-ticker
95
A · Safe
CVEs total4
Unpatched0
Last CVEAug 16, 2024
Plugin page Download
Safety Verdict

Is Cryptocurrency Widgets – Price Ticker & Coins List Safe to Use in 2026?

Generally Safe

Score 95/100

Cryptocurrency Widgets – Price Ticker & Coins List has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

4 known CVEsLast CVE: Aug 16, 2024Updated 1mo ago
Risk Assessment

The cryptocurrency-price-ticker-widget plugin, version 2.9.1, presents a mixed security posture. On the positive side, the static analysis indicates a strong adherence to secure coding practices in its current implementation. The complete absence of unprotected entry points, a high percentage of properly escaped outputs, and the consistent use of prepared statements for SQL queries are commendable. Furthermore, the taint analysis showing zero flows with unsanitized paths, critical or high severity, is a very positive sign for the current version's robustness against common code injection vulnerabilities.

However, a significant concern arises from the plugin's vulnerability history. The presence of four known CVEs, including one critical and three medium severity vulnerabilities, is a substantial red flag. The common vulnerability types (XSS, SQL Injection, Missing Authorization) in past issues suggest recurring weaknesses that require careful attention. The most recent vulnerability being in 2024 indicates that even recent versions have had security flaws. While the current version (2.9.1) reports no unpatched vulnerabilities, the historical pattern suggests a propensity for such issues, demanding vigilance and prompt updates.

In conclusion, while the current version of the cryptocurrency-price-ticker-widget plugin demonstrates good security practices in its code, its past vulnerability history raises significant concerns about its overall long-term security. The past critical and medium vulnerabilities, despite being currently unpatched, point to a need for continuous scrutiny and prompt remediation of any new issues discovered. Users should remain cautious and monitor for future updates.

Key Concerns

  • Significant historical CVEs (1 critical, 3 medium)
  • Recent vulnerability found (2024-08-16)
  • Bundled libraries (Select2, DataTables)
Vulnerabilities
4 published

Cryptocurrency Widgets – Price Ticker & Coins List Security Vulnerabilities

CVEs by Year

1 CVE in 2023
2023
3 CVEs in 2024
2024
Patched Has unpatched

Severity Breakdown

Critical
1
Medium
3

4 total CVEs

CVE-2024-43304medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cryptocurrency Widgets – Price Ticker & Coins List <= 2.8.0 - Reflected Cross-Site Scripting

Aug 16, 2024 Patched in 2.8.1 (4d)
CVE-2024-27953medium · 4.3Missing Authorization

Cryptocurrency Widgets – Price Ticker & Coins List <= 2.6.8 - Missing Authorization

Mar 13, 2024 Patched in 2.6.9 (8d)
CVE-2024-0709critical · 9.8Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Cryptocurrency Widgets – Price Ticker & Coins List 2.0 - 2.6.5 - Unauthenticated SQL Injection

Jan 19, 2024 Patched in 2.6.6 (537d)
CVE-2023-36681medium · 5.3Missing Authorization

Cryptocurrency Widgets – Price Ticker & Coins List <= 2.6.2 - Missing Authorization

Jul 4, 2023 Patched in 2.6.3 (203d)
Version History

Cryptocurrency Widgets – Price Ticker & Coins List Release Timeline

v2.10.1Current
v2.10.0
v2.9.1
v2.9.0
v2.8.9
v2.8.8
v2.8.7
v2.8.6
v2.8.5
v2.8.4
v2.8.3
v2.8.2
v2.8.1
v2.8.01 CVE
CVE-2024-43304
v2.7.21 CVE
CVE-2024-43304
v2.6.82 CVEs
CVE-2024-43304 CVE-2024-27953
v2.6.62 CVEs
CVE-2024-43304 CVE-2024-27953
v2.6.14 CVEs
CVE-2024-0709 CVE-2024-43304 CVE-2023-36681 +1 more
v2.5.44 CVEs
CVE-2024-0709 CVE-2024-43304 CVE-2023-36681 +1 more
v2.5.34 CVEs
CVE-2024-0709 CVE-2024-43304 CVE-2023-36681 +1 more
Code Analysis
Analyzed Mar 16, 2026

Cryptocurrency Widgets – Price Ticker & Coins List Code Analysis

Dangerous Functions
0
Raw SQL Queries
4
23 prepared
Unescaped Output
59
471 escaped
Nonce Checks
12
Capability Checks
21
File Operations
2
External Requests
9
Bundled Libraries
2

Bundled Libraries

Select2DataTables

SQL Query Safety

85% prepared27 total queries

Output Escaping

89% escaped530 total outputs
Attack Surface

Cryptocurrency Widgets – Price Ticker & Coins List Attack Surface

Entry Points7
Unprotected0

AJAX Handlers 6

authwp_ajax_cmb2_oembed_handleradmin\cmb2\includes\CMB2_Ajax.php:56
noprivwp_ajax_cmb2_oembed_handleradmin\cmb2\includes\CMB2_Ajax.php:57
authwp_ajax_cpfm_handle_opt_inadmin\feedback\cpfm-feedback-notice.php:14
authwp_ajax_ccpw_delete_transientcryptocurrency-price-ticker-widget.php:101
authwp_ajax_ccpw_get_coins_listincludes\class-shortcode.php:21
noprivwp_ajax_ccpw_get_coins_listincludes\class-shortcode.php:22

Shortcodes 1

[ccpw] includes\class-shortcode.php:19
WordPress Hooks 91
actionadmin_menuadmin\addon-dashboard-page\class-addon-dashboard-page.php:64
actionadmin_enqueue_scriptsadmin\addon-dashboard-page\class-addon-dashboard-page.php:67
filterupgrader_pre_installadmin\addon-dashboard-page\includes\cool_plugins_downloader.php:25
filterupgrader_clear_destinationadmin\addon-dashboard-page\includes\cool_plugins_downloader.php:26
actioncmb2_admin_initadmin\class-settings.php:15
actioncpfm_register_noticeadmin\class-settings.php:17
actioncpfm_after_opt_in_ccpwadmin\class-settings.php:41
filtercmb2_render_pw_selectadmin\cmb2\cmb-field-select2\cmb-field-select2.php:21
filtercmb2_render_pw_multiselectadmin\cmb2\cmb-field-select2\cmb-field-select2.php:22
filtercmb2_sanitize_pw_multiselectadmin\cmb2\cmb-field-select2\cmb-field-select2.php:23
filtercmb2_types_esc_pw_multiselectadmin\cmb2\cmb-field-select2\cmb-field-select2.php:24
filtercmb2_repeat_table_row_typesadmin\cmb2\cmb-field-select2\cmb-field-select2.php:25
actionadmin_initadmin\cmb2\cmb2-conditionals.php:54
actionadmin_footeradmin\cmb2\cmb2-conditionals.php:55
actionplugins_loadedadmin\cmb2\cmb2-conditionals.php:219
filterwp_prepare_attachment_for_jsadmin\cmb2\includes\CMB2.php:1562
actionadmin_enqueue_scriptsadmin\cmb2\includes\CMB2.php:1580
actioncmb2_save_options-page_fieldsadmin\cmb2\includes\CMB2_Ajax.php:59
filterget_post_metadataadmin\cmb2\includes\CMB2_Ajax.php:152
filterupdate_post_metadataadmin\cmb2\includes\CMB2_Ajax.php:155
filtercmb2_show_onadmin\cmb2\includes\CMB2_Hookup.php:83
actionedit_form_topadmin\cmb2\includes\CMB2_Hookup.php:119
actionedit_form_before_permalinkadmin\cmb2\includes\CMB2_Hookup.php:123
actionedit_form_after_titleadmin\cmb2\includes\CMB2_Hookup.php:127
actionedit_form_after_editoradmin\cmb2\includes\CMB2_Hookup.php:131
actionadd_meta_boxesadmin\cmb2\includes\CMB2_Hookup.php:135
actionadd_meta_boxesadmin\cmb2\includes\CMB2_Hookup.php:138
actionadd_attachmentadmin\cmb2\includes\CMB2_Hookup.php:139
actionedit_attachmentadmin\cmb2\includes\CMB2_Hookup.php:140
actionsave_postadmin\cmb2\includes\CMB2_Hookup.php:141
actionpre_get_postsadmin\cmb2\includes\CMB2_Hookup.php:148
actionadd_meta_boxes_commentadmin\cmb2\includes\CMB2_Hookup.php:156
actionedit_commentadmin\cmb2\includes\CMB2_Hookup.php:157
filtermanage_edit-comments_columnsadmin\cmb2\includes\CMB2_Hookup.php:160
actionmanage_comments_custom_columnadmin\cmb2\includes\CMB2_Hookup.php:161
filtermanage_edit-comments_sortable_columnsadmin\cmb2\includes\CMB2_Hookup.php:162
actionpre_get_postsadmin\cmb2\includes\CMB2_Hookup.php:163
actionshow_user_profileadmin\cmb2\includes\CMB2_Hookup.php:172
actionedit_user_profileadmin\cmb2\includes\CMB2_Hookup.php:173
actionuser_new_formadmin\cmb2\includes\CMB2_Hookup.php:174
actionpersonal_options_updateadmin\cmb2\includes\CMB2_Hookup.php:176
actionedit_user_profile_updateadmin\cmb2\includes\CMB2_Hookup.php:177
actionuser_registeradmin\cmb2\includes\CMB2_Hookup.php:178
filtermanage_users_columnsadmin\cmb2\includes\CMB2_Hookup.php:181
filtermanage_users_custom_columnadmin\cmb2\includes\CMB2_Hookup.php:182
filtermanage_users_sortable_columnsadmin\cmb2\includes\CMB2_Hookup.php:183
actionpre_get_postsadmin\cmb2\includes\CMB2_Hookup.php:184
actionpre_get_postsadmin\cmb2\includes\CMB2_Hookup.php:230
actioncreated_termadmin\cmb2\includes\CMB2_Hookup.php:234
actionedited_termsadmin\cmb2\includes\CMB2_Hookup.php:235
actiondelete_termadmin\cmb2\includes\CMB2_Hookup.php:236
actioncmb2_do_oembedadmin\cmb2\includes\helper-functions.php:136
filteris_protected_metaadmin\cmb2\includes\rest-api\CMB2_REST.php:148
actioninitadmin\cmb2\init.php:88
actionadmin_noticesadmin\cool-review-notice\cool-review-notice.php:45
actionadmin_enqueue_scriptsadmin\feedback\class-admin-feedback-form.php:21
actionadmin_headadmin\feedback\class-admin-feedback-form.php:23
actionadmin_initadmin\feedback\cpfm-feedback-notice.php:12
actionadmin_enqueue_scriptsadmin\feedback\cpfm-feedback-notice.php:13
actionadmin_footeradmin\feedback\cpfm-feedback-notice.php:16
actionadmin_noticesadmin\openexchange-api\class-openexchange-api-settings.php:36
actionadmin_menuadmin\openexchange-api\class-openexchange-api-settings.php:37
actioncmb2_admin_initadmin\openexchange-api\class-openexchange-api-settings.php:38
actionccpw_get_extra_infoadmin\openexchange-api\class-openexchange-api-settings.php:39
actionadmin_enqueue_scriptsadmin\openexchange-api\class-openexchange-api-settings.php:40
actioncmb2_save_options-page_fieldsadmin\openexchange-api\class-openexchange-api-settings.php:41
actioninitadmin\register-post-type\class-post-type.php:14
actionadd_meta_boxesadmin\register-post-type\class-post-type.php:18
actionadd_meta_boxes_ccpwadmin\register-post-type\class-post-type.php:19
filtermanage_ccpw_posts_columnsadmin\register-post-type\class-post-type.php:20
actionmanage_ccpw_posts_custom_columnadmin\register-post-type\class-post-type.php:21
actionsave_postadmin\register-post-type\class-post-type.php:22
actioncmb2_save_options-page_fieldsadmin\register-post-type\class-post-type.php:27
actionadmin_initadmin\review-notices\class-review-notice.php:19
actionadmin_noticesadmin\review-notices\class-review-notice.php:26
actionadmin_initcryptocurrency-price-ticker-widget.php:81
actioninitcryptocurrency-price-ticker-widget.php:83
actioninitcryptocurrency-price-ticker-widget.php:87
actionadmin_initcryptocurrency-price-ticker-widget.php:90
actionwp_footercryptocurrency-price-ticker-widget.php:92
actionwp_footercryptocurrency-price-ticker-widget.php:93
actioncmb2_admin_initcryptocurrency-price-ticker-widget.php:94
actionadmin_menucryptocurrency-price-ticker-widget.php:97
actionadmin_noticescryptocurrency-price-ticker-widget.php:98
actionadmin_enqueue_scriptscryptocurrency-price-ticker-widget.php:99
actionplugin_loadedcryptocurrency-price-ticker-widget.php:107
actionwidgets_initincludes\class-widget.php:6
actioninitincludes\cron\class-cron.php:13
filtercron_schedulesincludes\cron\class-cron.php:15
actionccpw_extra_data_updateincludes\cron\class-cron.php:16
actionccpw_coins_autosaveincludes\cron\class-cron.php:17

Scheduled Events 7

ccpw_extra_data_update
cmc_extra_data_update
celp_extra_data_update
ccew_extra_data_update
ccpw_coins_autosave
ccpw_extra_data_update
ccpw_extra_data_update
Maintenance & Trust

Cryptocurrency Widgets – Price Ticker & Coins List Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 23, 2026
PHP min version7.2
Downloads456K

Community Trust

Rating96/100
Number of ratings190
Active installs8K
Alternatives

Cryptocurrency Widgets – Price Ticker & Coins List Alternatives

Cryptocurrency Widgets Pack

Cryptocurrency Widgets Pack

cryptocurrency-widgets-pack

C
53

Price ticker, table, cards, label widget for all cryptocurrencies using Coingecko API.

800 1 unpatched
Cryptocurrency Price Widget

Cryptocurrency Price Widget

cryptocurrency-price-widget

A
99

Gives you a customizable Cryptocurrency Price Widget for website with ⚡live real-time price update and flexible settings.

200 1 CVE
Cryptocurrency Widgets From Coinlib

Cryptocurrency Widgets From Coinlib

cryptocurrency-widgets-from-coinlib

A
85

Full free cryptocurrency widget pack from Coinlib (https://coinlib.io).

40 No CVEs
Crypto Price And Stats

Crypto Price And Stats

crypto-price-and-stats

A
100

Crypto Price And Stats is a WordPress plugin displays live prices and stats of crypto coins.

30 No CVEs
Crypto Price Table

Crypto Price Table

crypto-price-table

A
92

Customizable Cryptocurrency Price Table with real-time price update, marketcap and flexible settings.

10 No CVEs
Developer Profile

Cryptocurrency Widgets – Price Ticker & Coins List Developer Profile

CoolHappy

12 plugins · 209K total installs

78
trust score
Avg Security Score
99/100
Avg Patch Time
203 days
View full developer profile
Detection Fingerprints

How We Detect Cryptocurrency Widgets – Price Ticker & Coins List

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/cryptocurrency-price-ticker-widget/admin/css/ccpw-admin-style.css/wp-content/plugins/cryptocurrency-price-ticker-widget/admin/css/ccpw-settings.css/wp-content/plugins/cryptocurrency-price-ticker-widget/admin/js/ccpw-admin-script.js/wp-content/plugins/cryptocurrency-price-ticker-widget/public/css/ccpw-public-style.css/wp-content/plugins/cryptocurrency-price-ticker-widget/public/js/ccpw-public-script.js
Script Paths
/wp-content/plugins/cryptocurrency-price-ticker-widget/admin/js/ccpw-admin-script.js/wp-content/plugins/cryptocurrency-price-ticker-widget/public/js/ccpw-public-script.js
Version Parameters
cryptocurrency-price-ticker-widget/admin/css/ccpw-admin-style.css?ver=cryptocurrency-price-ticker-widget/admin/css/ccpw-settings.css?ver=cryptocurrency-price-ticker-widget/admin/js/ccpw-admin-script.js?ver=cryptocurrency-price-ticker-widget/public/css/ccpw-public-style.css?ver=cryptocurrency-price-ticker-widget/public/js/ccpw-public-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
ccpw-ticker-containerccpw-ticker-itemccpw-coins-list-tableccpw-coin-logoccpw-coin-nameccpw-priceccpw-change-24hccpw-market-cap+1 more
HTML Comments
<!-- Start: Cryptocurrency Price Ticker Widget --><!-- End: Cryptocurrency Price Ticker Widget --><!-- Shortcode: cc_price_ticker --><!-- Shortcode: cc_coins_list -->
Data Attributes
data-ccpw-ticker-iddata-ccpw-coin-iddata-ccpw-interval
JS Globals
ccpw_public_obj
Shortcode Output
[cc_price_ticker][cc_coins_list]
FAQ

Frequently Asked Questions about Cryptocurrency Widgets – Price Ticker & Coins List