[wp-trac] [WordPress Trac] #52289: WP ERP is a SPAM, product and data stealing plugin
WordPress Trac
noreply at wordpress.org
Wed Jan 13 11:28:34 UTC 2021
#52289: WP ERP is a SPAM, product and data stealing plugin
--------------------------+-----------------------------
Reporter: saltyruss | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version:
Severity: critical | Keywords:
Focuses: |
--------------------------+-----------------------------
WP ERP sent SPAM to 57,000 of my users with absolutely no notice, no
confirmation, no indication that it would happen. I was testing it on 2
test 'users' and it accessed 57,000 of my users with no notice or
confirmation - no indication of any kind that it would send an email to
anyone - and sent them an email stating that their user email address has
been changed. WP ERP provided absolutely no indication that this would
happen. In fact, I was only testing their system on 2, two, test
accounts. Their product wreaks havoc on an otherwise solid platform,
which is WordPress. is there no vetting process for plugins to be on your
marketplace? no automated, even simplistic method to test if a plugin is
abusing good WordPress resources?
The makers of WP ERP have not responded directly to my several attempts to
contact them directly about this issue. They have only responded, very
late I might add, to a forum entry, in which they made false claims. I
have no confidence that they are not intent on extorting confidential
contact information for nefarious or maybe even criminal purposes.
Russ Johnson
President, PCN, LLC.
russ at pcnllc.net
--
Ticket URL: <https://core.trac.wordpress.org/ticket/52289>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list