Source evidence

Popunder in code source…. be careful

When Last Login · review · 2022-10-19T15:11:00+00:00

When Last Login plugin evidence original source source API

complaintsentiment

highseverity

0.96relevance

2replies

Evidence linked to opportunitycommercial context

Proof Health

Open evidence

Commercial opportunities need traceable source links before they are treated as build-worthy.

5 / 21 rows with source links

23.8% of this page's analysis has direct source links.

0 build-decision rows missing links

0 rows here require auditable proof before promotion.

16 rows with no attached evidence

0 rows have source counts but still need direct links.

Conversation

review · 1 stars

klixtorg unresolved

This plugin has a popunder code inside. Be careful. Just delete it and the issues are resolved. Hi @klixtorg Thank you for taking the time to share a review, I’m not aware of any popunder code that was intentionally added to this plugin. We previously had an admin notification that would nudge users to signup for our mailing list which we’ve done away with, I’m not sure if this is what you are referring to. We also leverage some libraries that we try to review to the best of our ability. I do take security/malicious issues seriously, please can you email support@yoohooplugins.com with reference to the source code so I may review this code with highest priority and look into it further. Thanks! This reply was modified 3 years, 7 months ago by Andrew Lima . I’ve spent a bit of time reviewing the code base and I don’t find any evidence of popunder (or malicious) code here is an open link to our repository – https://github.com/andrewlimaza/when-last-login/ If you need help with code or the plugin, do not hesitate to reach out here – https://wordpress.org/support/plugin/when-last-login/

Commercial Context

Opportunity

trust and abuse-prevention operations

User Login abuse-prevention assurance for keeping sites trusted, protected, and recoverable

Buyer: site owners, agencies, and maintenance teams

Wedge: test user login lockouts, bot/spam defenses, risky access changes, and incident alerts

Investigate Pain card complete market

Analysis

heuristic-v1

Summary: Popunder in code source…. be careful: users show security, bugs, support pain that may indicate a product gap.

Evidence quote: Just delete it and the issues are resolved.

Affected feature: email

security bugs support support

Plugin

API

When Last Login

50.0K active installs · 190.7K downloads · rating 94.0

last logged in last login last seen user login user login time

Comments

2 shown

Andrew Lima 2022-10-19T15:36:00+00:00

Hi @klixtorg Thank you for taking the time to share a review, I’m not aware of any popunder code that was intentionally added to this plugin. We previously had an admin notification that would nudge users to signup for our mailing list which we’ve done away with, I’m not sure if this is what you are referring to. We also leverage some libraries that we try to review to the best of our ability. I do take security/malicious issues seriously, please can you email support@yoohooplugins.com with reference to the source code so I may review this code with highest priority and look into it further. Thanks! This reply was modified 3 years, 7 months ago by Andrew Lima .

Andrew Lima 2022-10-25T15:50:00+00:00

I’ve spent a bit of time reviewing the code base and I don’t find any evidence of popunder (or malicious) code here is an open link to our repository – https://github.com/andrewlimaza/when-last-login/ If you need help with code or the plugin, do not hesitate to reach out here – https://wordpress.org/support/plugin/when-last-login/