WordPress.org

Plugin Reviews

Hana Code Insert

Easily insert any complicated HTML and JAVASCRIPT code or even custom PHP output in your WordPress article. Useful for adding AdSense and Paypal donat

1 review
Average Rating
3.7 out of 5 stars
You are currently viewing the reviews that provided a rating of 1 star. Click here to see all reviews.
Security?
By , for WP 4.1.1

I tried this plugin, as the general idea behind it is so cool.

Problem1: I quickly looked at the code and found the php is executed with the "eval" command. That is really scary in many ways: It is a door opener for all sorts of misuse and makes also php bug fixing so very hard.

Problem2: I installed the plugin (as admin) and re-logged with the role of an editor (lower rights level). I could still access all the plugin's settings, which was unexpected.
So there seems to be not even a solid rights protection. If WordPress is used not only by the owner but content is maintained also by editors, this missing rights protection would be a no-go for me.

I gave up at that point. As much as I would like to use it: I stay away from it for now.

If the security issues are fixed, I would be more than happy to rate this 5 stars.

You must log in to submit a review. You can also log in or register using the form near the top of this page.