The security warning applies to versions 2.0 to 2.6.5 and, according to the CSA, centers around "insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query".
Considering the widget is centered around cryptocurrency, this could leave users' wallets, finances, or other personal information vulnerable to attack.
[
add
]
[
|
|
...
]