Plugin Not Trustworthy

The plugin has 100,000+ installations and the developers released a version [2.0.23] with malware in it. I just happened to be trying it out and soon afterwards the plugin allowed a redirect script to be inserted into WP core files, theme files, database files and cached files. It cost me hours to clean. Sure, I should’ve been running a security solution on the site prior to trying it out, but what responsibility do the dev’s take? Yes, they fixed it in v.2.0.25. But how can we be assured their software won’t contain malware in the future? In addition, the malware inserted into the site infected my desktop browsers with the annoying shlega redirect. Clearing cache didn’t work; MS Defender didn’t work; MalwareBytes & Spyhunter found the problem files in the hidden AppData\Local\… folders… MemberMouse is looking worth it now.