by jarym 2637 days ago
These guys put all this evil into their code (PHP no less, so easily readable by anyone) and it took this long for them to get caught?

Further, they peddled this into who knows how many themes they sold and never thought they'd get caught?

2 comments

Tons of WordPress themes and plugins are complete crap - even popular stuff. Nobody reads the code or knows how to read it. It makes claiming bug bounties on WordPress sites easy.
https://wordpress.org/plugins/

"Extend your WordPress experience with 54,886 plugins."

And those are only the ones on wp.org itself; the "premium" themes are in the tens of thousands as well. It's not simple to catch these.