Code insertion

  • BE WARNED!!!!!!!!!

    This plugin has the abbility to modify your website and insert code into it.

    Its a security risk and steals your visitors information.

    The plugin will probably be modified ore removed so to anyone who has it i recommend to remove it!

Viewing 7 replies - 1 through 7 (of 7 total)
  • Andrew Nevins

    (@anevins)

    WCLDN 2018 Contributor | Volunteer support

    Hi @ethernity4ever, Can you clarify the bit about stealing visitors information?

    Thread Starter ethernity4ever

    (@ethernity4ever)

    I just received a part of the Terms of Use that you agree to by installing the plugin and it goes:

    Third Party Text Links

    Third party text networks supply text for display in 404 to 301. These networks may collect your visitors’ IP addresses, in native or hashed forms, for purposes of controlling the distribution of text links. 404 to 301 collects anonymous aggregated usage statistics.

    By clicking the button here below, you agree to the terms and conditions and give permission to place text links on your website when search engine crawlers access it. Your website’s layout, performance and interaction with human visitors should not be altered or affected in any way. Please note that this feature can be deactivated at any time under 404 to 301 Setting > Help & Info > Plugin Information > Disable UAN, without affecting any other feature available in 404 to 301.

    Meaning:

    Cloaking, which is specifically banned by Google and will result in a search engine penalty.
    Allowing ads to be inserted into their site over which they have no editorial control, including PayDay loan ads.

    Plugin Author Joel James

    (@joelcj91)

    Hi all,

    Really sorry for the trouble. Please don’t be panic about WordFense article. I have rectified the issues and removed the spammy piece of code from the plugin. Please update the plugins and you are safe to use.

    It was done by my partner developer and I will make sure that only I have the committing permission in feature. I accept that it was my mistake, allowing other developers to commit to my plugin from same user account.

    NB : I have added my explanation comments in WordFense article and they deleted it. They just want people to be panic.

    The fact that you removed the code that you intentionally and surreptitiously included is no comfort. How would anyone ever trust your work after you tricked people into damaging their websites? You should be banned from submitting plugins.

    https://www.wordfence.com/blog/2016/08/404-301-plugin-considered-harmful/

    Joel – No-one has deleted your posts at WordFence, because I just read them all. They are still there.

    Plugin Author Joel James

    (@joelcj91)

    Yes. They approved my second comment. And the others too. People are already started throwing stones.

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    ?????? Advisor and Activist

    Okay, everyone stop it.

    The developer is aware, the plugin team is aware, and apparently everyone is aware. So the people who need to know are discussing the situation like adults. Stop attacking. People make mistakes.

    I’m closing this post and will be deleting ones for people who have not actually used the plugin.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Code insertion’ is closed to new replies.