#45780 closed defect (bug) (duplicate)
Installed different plugin and ask for update from different plugin
Reported by: | jk81093 | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | |
Component: | Plugins | Keywords: | |
Focuses: | privacy | Cc: |
Description
Very dangerous bug, its kind of a loophole to destroy website.
For example I have created custom plugin with name of "example" directory, and if in WordPress plugin market if plugin available with same directory (example) then installed plugin asked for update but both plugin are different. And if we update the plugin from the popup then old plugin replaced with new plugin but both are different.
So if we update plugin with some hacky code to the name of popular plugin directory then its dangerous for targeted website.
Change History (3)
Note: See
TracTickets for help on using
tickets.
This is a known issue, but not one that is planned for a fix. Plugins are recognized by their name, slug, and the Plugin URI header. Make those different and unique for each plugin.
If you use custom plugins, name them appropriately so as to avoid conflicts. We generally recommend using your domain name in the slug if the plugin is specific to that domain. Like example-com-my-plugin or similar.