Why is this plugin phoning home?

  • Hi

    I really like the look and functionality of your plugin but I had to deactivate and uninstall it because it’s including a lot of calls to your own servers.

    Here are some examples of the URLs your plugin calls on a single post’s page:

    https://shuttle.sharexy.com/css/SharexyCss.css
https://shuttle.sharexy.com/css/SharexySendMail.css
https://core2.sharexy.com/setShare?r=MyDomain.com&t=Post Title&soc=Facebook&Id=false
https://shuttle.sharexy.com/LoaderLite.js
https://shuttle.sharexy.com/design/top_counter55.png

    I’m most concerned with the 3rd URL call to https://core2.sharexy.com. In that request you are sending my domain and my post title to your servers.

    Another concern is the fact that if one of your servers is down or unresponsive, your plugin won’t function.

    And an even scarier concern is if your server gets hacked, then all sites with this plugin installed could have malicious code injected into one of the JS files that the plugin includes from your server.

    This plugin seems to violate Guideline #7 of the Plugin Submission Guidelines.

    Can you please explain why you are making remote calls to CSS, JS and image files instead of those files being hosted locally on my server?

    Thanks!
    Pas

    https://www.ads-software.com/plugins/sharexy/

  • The topic ‘Why is this plugin phoning home?’ is closed to new replies.