Author of Contact Form 7 just found its fork (fake) version named Contact Form 8 on plugin directory, as he requests the author to change settings.
But how come someone takayukister never knows can submit plugin to directory using the id (takayukister)? Does this mean someone hacked into wordpress.org database, stoll account from takayukister?
wtf is this?
- The topic ‘Security hole on plugin directory?’ is closed to new replies.