Banish Spam hackers to the 9 level of Dante’s hell. Plugin Pulse: WP Plugins A to Z Unplugged #11

In this episode of 'WordPress Plugins A to Z', host John dives into a critical security alert involving supply-side hacks in WordPress plugins. He details a recent incident where a developer sold 31 plugins for a million dollars, then inserted a backdoor that redirected traffic to spam sites—only activated months later with a misleading update note. John shares his personal experience with the compromised Countdown Timer plugin, explaining how he reverted to a clean backup and plans to fork the plugin for future development. He emphasizes the importance of vigilance, regular updates, and proactive monitoring, highlighting tools like Advanced Database Cleaner Pro and the need to avoid bulk plugin updates. The episode also features a review of his own lightweight plugin, WP Pro A to Z CPT Selector, a tip on using Elementor instead of Gutenberg for MailPoet forms, and a strong recommendation against bulk updates due to the risk of undetected breakage. John concludes with a call for community support through time, talent, and treasure, promoting the show's newsletter, live streams, and donation options.