Should a plugin load 1×1 images that go to black pages?

  • In doing a performance check of my site on ManageWP.com, I have found it is compromised in part due to a number of images “missing width and height attributes,” though ManageWP is able to see that these are 1×1 images. After some study, I have determined that if I deactivate the Simple Share Buttons Adder plugin, this problem disappears.

    Should a plugin be loading 1×1 images that have external links not known to the site owner? Clicking on a few of these urls, a solid black page loads.

    I would immensely appreciate if someone could help me understand what on earth these 1×1 images are, what purpose they serve and do they represent any threat?

    Here is the list of these image files:

    The following image(s) are missing width and/or height attributes.
? https://aa.agkn.com/adscores/r.pixel?sid=9212270798&puid=CvQEBlnhFm4AAAARd46NAw%3D%3D?(Dimensions: 1 x 1)
? https://bcp.crwdcntrl.net/map/c=9084/tp=SARE/tpid=CvQEBlnhFm4AAAARd46NAw%3D%3D?(Dimensions: 1 x 1)
? https://dx.bigsea.weborama.com/collect?dsp_id=2&eid=CvQEBlnhFm4AAAARd46NAw%3D%3D
? https://dx.bigsea.weborama.com/collect?r=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dweborama%26partner_uid%3D%7BUUID%7D
? https://ib.adnxs.com/getuid?%2F%2Fsync.sharethis.com%2Fadnxs%3Fuid%3D%24UID?(Dimensions: 1 x 1)
? https://loadus.exelator.com/load/?p=847&g=001&j=0&puid=CvQEBlnhFm4AAAARd46NAw%3D%3D?(Dimensions: 1 x 1)
? https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1?(Dimensions: 1 x 1)
? https://ml314.com/utsync.ashx?eid=50131&et=13&fp=CvQEBlnhFm4AAAARd46NAw%3D%3D&cp=http%3A%2F%2Fsoazseniorpride.org%2F&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d(Dimensions: 1 x 1)
? https://px.owneriq.net/eucm/p/stc?(Dimensions: 1 x 1)
? https://t.sharethis.com/d/a.gif?v0=CvQEBlnhFm4AAAARd46NAw%253D%253D&v1=soazseniorpride.org&v2=http%253A%252F%252Fseg.sharethis.com%252FgetSegment.php%253Fpurl%253Dhttp%25253A%25252F%25252Fsoazseniorpride.org%25252F%2526rnd%253D1507923568198&v3=http%253A%252F%252Fsoazseniorpride.org%252F&v4=http%253A%252F%252Fsoazseniorpride.org%252F&cid=c010&dmn=soazseniorpride.org&tt=t.dhj&dhjLcy=391&lbl=pxcel&flbl=pxcel&ll=d&ver=0.109.2578&ell=d&cck=__stid&pn=%2F&qs=na&cc=US&ipaddr=&evid=qm6PX8VA07lwS0jzoEd2&urls=!1!703!b-102,!1!1063!b-10q,!1!661!b-10i,!1!1165!b-10l,!1!1639!b-11q,!0!1545!b-105,!0!1866!b-11o,!1!1034!b-10w,!1!1390!b-11d,!1!1167!b-106&rnd=1507923570985&cid=c010&version=0.109.2578&cc=US&htmLcy=185
? https://tags.bluekai.com/site/50962?id=CvQEBlnhFm4AAAARd46NAw%3D%3D&limit=1?(Dimensions: 1 x 1)

    Thank you,
    Susan

    The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    You should read this — https://simplesharebuttons.com/privacy/ — (there’s a link to it on the plugin’s wp.org page) and decide whether you wish to use the plugin under these terms.

    To answer your question, no, they absolutely should not be doing this.

    I assume they are ads, being resized so as to not be noticeable. It sounds like a scam.

    Steve, is this plugin included in the WordPress plugin directory? If so, should it be removed?

    Thread Starter susantau

    (@susantau)

    I am seeing this with all my WordPress sites that use Simple Share Buttons Adder. This plugin inserts a slew of stranger redirects, which I might never have known about if I had not done the Performance check in ManageWP.com. There’s nothing at all visible when i go to the site, nor in a “Fetch and Render” in Google Console.

    One by one I am removing Simple Share Buttons Adder from all my sites.

    I am replacing with AddToAny which does not insert redirects, at least none get noticed by the ManageWP performance checker.

    • This reply was modified 7 years, 5 months ago by susantau.
    • This reply was modified 7 years, 5 months ago by susantau.
    • This reply was modified 7 years, 5 months ago by susantau.
    • This reply was modified 7 years, 5 months ago by susantau.
    • This reply was modified 7 years, 5 months ago by susantau.
    Thread Starter susantau

    (@susantau)

    p.s. I read through the relevant section of the Simple Share Buttons Adder Privacy Policy and do not feel the least bit reassured.

    Google Search Console states:

    Pick third-party content providers very carefully. If you’re considering installing an application provided by a third party, such as a widget, counter, or ad network, be sure to exercise due diligence. Ad space is often syndicated to other parties who are not known to the website owner. While there are many great third-party content on the web, it’s also possible for providers to use these applications to push exploits, such as dangerous scripts, towards your visitors.

    • This reply was modified 7 years, 5 months ago by susantau.
Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Should a plugin load 1×1 images that go to black pages?’ is closed to new replies.