Make WordPress Core

Opened 4 years ago

Closed 4 years ago

#51303 closed defect (bug) (invalid)

Unauthorised Plugin "DoLogin Security" seems to be able to install itself

Reported by: webformation's profile webformation Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: Plugins Keywords:
Focuses: Cc:

Description

https://wordpress.org/support/topic/why-has-this-plugin-suddenly-appeared-on-one-of-our-websites/#post-13400138

I have this issue where a plugin mysteriously installed itself. Seems unthinkable but found others on the support forum for this plugin reported the same.

How is this even possible?
Thanks

Change History (2)

#1 @webformation
4 years ago

Update: Found there was a reference to the plugin being installed and activated together with the latest Litespeed Cache plugin without advance notification or permission from admins. Seems a breach of user agreement with plugin developer.

#2 @TimothyBlynJacobs
4 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from new to closed

Hi @webformation,

Welcome to WordPress Trac! Trac is used for tracking issues with the WordPress Core software.

If you have a concern about a plugin potentially violating the WordPress.org plugin guidelines, you can report it by contacting the plugin team via email plugins@wordpress.org.

Note: See TracTickets for help on using tickets.