WordPress.org

Make WordPress Core

Opened 3 years ago

Closed 3 years ago

#40097 closed defect (bug) (invalid)

Plugin steals visitors' data

Reported by: stevenc99 Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: Plugins Keywords:
Focuses: Cc:

Description

Hi,

This plugin sends visitors' data (IP address, user agent, URLs visited) to a third-party server without knowledge or consent of either the visitors, or the operator of the Wordpress site who would install this plugin:
https://plugins.trac.wordpress.org/browser/no-comments/trunk/no-comments.php#L79

However, I don't see it available any more for download on wordpress.org, why is that?
https://wordpress.org/plugins/no-comments/

*If* it was deleted there (e.g as potential malware), please be so kind as to leave notice of that at the plugin's original URL, instead of an unexplained 404.

Change History (1)

#1 @ocean90
3 years ago

  • Keywords data security malware removed
  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from new to closed

Hello @stevenc99, welcome to WordPress Trac!

This Trac is used for enhancements and bug reporting for the WordPress core software. For issues with the plugin directory please get in contact with the review team at plugins (at) wordpress.org or the #pluginreview channel on Slack.

Related: #29046, #30465.

Note: See TracTickets for help on using tickets.