Source evidence

I never installed this myself?

Disable XML-RPC Pingback · review · 2016-05-27T08:53:00+00:00

Disable XML-RPC Pingback plugin evidence original source source API

praisesentiment

highseverity

0.65relevance

2replies

Evidence linked to opportunitycommercial context

Proof Health

Open evidence

Commercial opportunities need traceable source links before they are treated as build-worthy.

2 / 30 rows with source links

6.7% of this page's analysis has direct source links.

0 build-decision rows missing links

0 rows here require auditable proof before promotion.

28 rows with no attached evidence

0 rows have source counts but still need direct links.

Conversation

review · 5 stars

yolandal unresolved

I’m confused here… I see this plugin I’ve never heard of and I never installed… and the bad thing is; I can’t remove it! If this is a security plugin it sure doesn’t behave like it! It’s behaviour is a no-go for me. Update: My hosting provider admittd they have installed this plugin. But they never notified me. So now I’m giving a 5 star rating. Strange that the developer doesn’t respond.. My best guess, your hosting provider installed and enabled this plugin for you. In the last couple of weeks i’ve seen some hosting providers do this. Apparently the XML_RPC function (which is default active) is used by hackers. This plugin disables a few things in this function. Before you rate a plugin 1 star, it would be nice if you first make sure the problem isn’t on your end ;). Also, your hosting provider probably informed you by mail about this action. Thank you for that feedback. I just contacted my hosting provider and am waiting for their answer. And no, they didn’t inform me at all, that’s why I’m confused. When I have more information I’ll post it.

Commercial Context

Opportunity

API and integration reliability operations

Xml integration reliability for keeping WordPress APIs, connectors, and data handoffs reliable

Buyer: developers, agencies, and SaaS-integrated WordPress teams

Wedge: monitor xml API failures, payload drift, webhook issues, and external handoff risk

Investigate Pain card complete market

Analysis

heuristic-v1

Summary: I never installed this myself?: users show security, setup pain that may indicate a product gap.

Evidence quote: I never installed this myself?

Affected feature: form

security setup quality form

Plugin

API

Disable XML-RPC Pingback

60.0K active installs · 425.9K downloads · rating 78.0

ddos pingback rpc xml xml-rpc

Comments

2 shown

bjornwebdesign 2016-06-06T20:27:00+00:00

Strange that the developer doesn’t respond.. My best guess, your hosting provider installed and enabled this plugin for you. In the last couple of weeks i’ve seen some hosting providers do this. Apparently the XML_RPC function (which is default active) is used by hackers. This plugin disables a few things in this function. Before you rate a plugin 1 star, it would be nice if you first make sure the problem isn’t on your end ;). Also, your hosting provider probably informed you by mail about this action.

yolandal 2016-06-07T09:37:00+00:00

Thank you for that feedback. I just contacted my hosting provider and am waiting for their answer. And no, they didn’t inform me at all, that’s why I’m confused. When I have more information I’ll post it.