Support » Plugin: InfiniteWP Client » Functions as designed, poor security

  • Previously used InfiniteWP to manage several WordPress websites & was a paying customer. Unfortunately the plugin was compromised early this year & after reading about the vulnerability details, we decided to jump ship as it seems basic security considerations weren’t being made in the development of this plugin. The developer quickly released a fix that patched the vulnerability, but there is simply no excuse for not building a more secure plugin in the first place. Especially for one that is installed on so many sites. Would not recommend based on this. We will be going back to managing WordPress sites independently & working on our own custom tool.

Viewing 1 replies (of 1 total)
  • Plugin Author infinitewp

    (@infinitewp)

    Hi,

    As a product company ourselves, no one ever wanted something like that to happen. The code was introduced in an update trying to bring premium plugin updates. All open-source software goes through a series of vulnerabilities and the best the companies can do is immediately fix it and let all the users know about it.

    InfiniteWP handled this situation the same way and I do acknowledge the frustration that this would have caused. Being open-source software, this is inevitable even for WordPress. Wishing you the best for your future.

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this review.