[wp-trac] [WordPress Trac] #10273: Ban plugins that, optionally or surreptitiously, display authors’ ads

WordPress Trac wp-trac at lists.automattic.com
Thu Jun 25 18:59:46 GMT 2009 

#10273: Ban plugins that, optionally or surreptitiously, display authors’ ads
---------------------------+------------------------------------------------
 Reporter:  demetris       |       Owner:  ryan          
     Type:  defect (bug)   |      Status:  new           
 Priority:  high           |   Milestone:  Future Release
Component:  WordPress.org  |     Version:  2.8           
 Severity:  major          |    Keywords:                
---------------------------+------------------------------------------------
 There was an incident last year where the author of an ad-manager plugin
 admitted that his plugin replaced users’ ads with his own ads.

 Quoting from http://wordpress.org/support/topic/205094

   I just thought if people can't be bothered to read/modify the source
 code to suit your own needs, then you should probably be paying for my
 time to write and test these codes for you.

 This plugin is still hosted on wp.org;  its author just had to remove the
 stealing code.

 Now I just saw another recent thread in the forum about another plugin
 that is reported to be doing the same thing:

 Developer shows own adsense?

 http://wordpress.org/support/topic/280213

 In this case, displaying the author’s ads is optional.  However, a forum
 member says that they turned this option off and the plugin still displays
 its author’s ads.

 I downloaded the plugin in question to see.  Before installing it, I
 looked at the files.  All author’s adsense code is save in a long string
 that is base64 encode.  I did not go on to test it:  for me, hiding code
 like this is reason enough no to trust a plugin, and I think it should
 also be reason enough to remove a plugin from the repository.

 WHAT TO DO ABOUT ALL THIS

 Of course, to say the least, all this reflects badly on WP and wp.org.

 Since we cannot probe into the souls of plugin authors to know whether
 their ads are displayed by a coding mistake (that is, when the user opts
 not to display the plugin author’s ads) or on purpose, I propose to ban
 from wp.org any plugin that has code to display its author’s ads, even
 when this is an option that can be turned off.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/10273>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list