A Trojan Plugin???

  • lflier

    (@lflier)


    1 year ago

    This just happened…

    I have a subscription to WP Mail SMTP Pro. I needed to test something on a popup dev site, so I copied the plugin from my main site to the dev site. I skipped the activation and the plugin worked. But when I went back to look at my installed plugins, TWO OTHER PLUGINS I DID NOT INSTALL WERE INSTALLED AND ACTIVATED.

    They were both from the same family of plugins. The two plugins installed were WP Forms (Lite) and All In One SEO.

    The vendor has clarified that the additional plugins were installed and activated during the setup process for WP Mail SMTP. I have reviewed the setup and I can see the checkboxes. But they’re very misleading.

    First, the checkboxes are preselected, making it appear as though I am accepting presets for the plugin I just installed — not installing additional plugins. The headline at the top asks specifically, and misleadingly, “Which email features do you want to enable?” So, we’re to believe that a separate SEO plugin is an “email feature?” Serioulsy?!!!

    Second, the descriptions on the checkboxes do not identify the “email features” as additional plugins, which will be installed and activated automatically, sidestepping the normal process in which the user actively searches for, installs, and then activates a plugin.

    I find this more than vaguely unethical. I think it’s a Trojan Horse marketing plan to trick users into accepting (and possibly upgrading) two additional plugins, which are not represented to the user as additional plugins. And it’s a little disconcerting to realize that the “plugin” I downloaded was actually a bloated package of three plugins, with the other two plugins hidden inside the folder containing the first plugin. Trojan Horse, indeed!

    If this practice spreads it’s going to diminish trust in the plugin industry and in WordPress in general. I hope that the vendors have the good sense and decency to stop doing it.

    • This topic was modified 1 year ago by lflier.
    • This topic was modified 1 year ago by lflier.
    • This topic was modified 1 year ago by lflier.
    • This topic was modified 1 year ago by lflier.
Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support Dake

    (@dakeg)

    Hi @lflier

    Thank you for sharing your honest feedback and we apologize for the confusion.

    To directly address your concerns, WPForms and AIOSEO are not bundled in the installation of WP Mail SMTP, When installing WP Mail SMTP, only WP Mail SMTP is installed. Also, this isn’t a Trojan Horse marketing plan or a trick by any means.

    As you and our support team had mentioned, the options to install WPForms and AIOSEO as additional plugins are only available in our Setup Wizard and only if those specific options are selected during the setup process.

    We apologize that this came off as “a trick”, that absolutely is not our intention and we have already started discussing this feedback and how to go about this in the future.

    We have several companion plugins that serve specific purposes, hence why the “Form” checkbox installs WPForms and the “SEO” checkbox installs AIOSEO.

    Once a specific option is selected and that plugin is not currently installed, we have corresponding text that relates to that particular plugin. For example, if “WordPress SEO Toolkit – Improve your website’s SEO ranking with our toolkit” is selected, this text will appear “The following plugin will be installed for free: AIOSEO”

    Our intention was to provide great starter tools for popular/related needs while keeping the option to uncheck or uninstall if anyone was already using an alternative.

    • This reply was modified 1 year ago by Dake.

    This is infuriating. This also happens with free version. Install free version, 2 extra plugins get installed. This is not acceptable behavior.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘A Trojan Plugin???’ is closed to new replies.