Installing a plugin (or theme) means that you are entirely trusting your site into the hands of their developers. There are no restrictions on what the code you’re putting on the site can do. It can move all your buttons to the left by two pixels because of a CSS bug, but it can also purposely wipe out all your files and the entire database. Installing plugins from the official WP repository eliminates chances for the second scenario, but it still leaves you wondering – what changes did a plugin make to my site? In practice, what changes do plugins make?
Before the realistic scenario, let me repeat the theoretical one, one more time. You are installing and activating a 3rd party piece of PHP code on your site. There are absolutely no limits on what the code can do as long as it’s in the realm of PHP and it’s capabilities and privileges on the server. It can certainly delete files, modify them or send them to a remote server. Same goes for the data stored in the database. You can’t stop any of that once the plugin is activated. So, don’t use nulled plugins or themes and if you’re installing sketchy plugins on a live site make a backup first.
Source: https://managewp.org/articles/18038/determine-what-changes-a-plugin-or-theme-made-to-a-wordpress-site
source https://williechiu40.wordpress.com/2018/10/30/determine-what-changes-a-plugin-or-theme-made-to-a-wordpress-site/
No comments:
Post a Comment