[Plugin: WP Contacts Directory] Unauthorized collection of user data | WordPress.org

Jonathan Lau
(@lauweijie7715)

12 years, 3 months ago
This plugin violates the guidelines found here:
http://wordpress.org/extend/plugins/about/guidelines/

In particular, #7.

No unauthorized collection of user data. For example, sending the admin’s email address back to your own servers without permission of the user is not allowed

Line 557 of contact-directory.php shows the plugin doing exactly just that.
```
if(function_exists("file_get_contents") and empty($pchk)) {
	$n = urlencode("WP Contacts Directory");
	$h = urlencode($_SERVER['HTTP_HOST']);
	$e = urlencode(get_option('admin_email'));
	add_option("ahlul_pchk_wcd","1");
	$res = file_get_contents("http://ahlul.web.id/tools/plugcheck/?n=$n&h=$h&m=$e");
}
```
http://wordpress.org/extend/plugins/wp-contacts-directory/

The topic ‘[Plugin: WP Contacts Directory] Unauthorized collection of user data’ is closed to new replies.

In: Plugins
0 replies
1 participant
Last reply from: Jonathan Lau
Last activity: 12 years, 3 months ago
Status: not a support question