Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
I’m not really disagreeing with you but is that really a security bug or even a problem with this plugin?
FTP (a horrible designed on a napkin protocol) requires that the userid/password either be stored somewhere or prompt the user each time. Prompting wouldn’t make for a useful plugin.
Also if you do use those constants how is that different from a security point of view than what this plugin is doing?
Lastly, if another plugin is doing malicious things and executing code on your WordPress installation then what this plugin does is besides the point. Your installation is aleready compromised. 😉
there is no security bug with this plugin ,
This plugin does exactly what those codes do !!
I dont say that this plugin steals ftp info, but it save ftp password in an array and it can extract by others
آره داداشم