22 Comments

  1. Louis
    · Reply

    Just because someone puts something for free on WordPress.org doesn’t mean they are “entitled” to anything either. On rare occasions, the trust which is obviously presumed by being on WordPress.org, is violated. In those cases, I believe it is the responsibility of the Plugin Review Team to side with users.

    It is never okay to have a product in the wild that is advertised as one thing and then to switch it for another without first letting users know it is going to change. That is something that the Review Team should, but doesn’t seem to, recognize.

    Sure, developers can do anything they want. Even violate the rules established by those who control access to the Repository.

    The problem is, it seems, if there weren’t rules outside WordPress.org that require removal of dangerous plugins, I get the feeling (based on responses I have seen over the years) the Plugin Review Team wouldn’t do anything about it.

    The Plugin Review Team is made up of people with more knowledge in coding than many others who use the plugins. It is obvious that would be a requirement. The message that comes out of that team seems to be more slanted in favor of other developers rather than users who face the aftermath of what some developers decide to do to users for the developer’s own profit.

    The Plugin Review Team seems to think (based on my experience) that developers are entitled. And that unless there is a flagrant violation of some moral code, all’s pretty much fair.

    Arrogance & callousness toward those who aren’t in the elevated position of being a developer, comes to mind when I think of the Plugin Review Team.

    As a user, I am ENTITLED to my opinion.

    Report

  2. Carl Hancock
    · Reply

    I tweeted my thoughts but will repost here…

    Maintaining free WordPress plugins is work. But let’s be clear. They acquired this plugin precisely to acquire its existing user base in order to monetize them.

    This isn’t a ”Poor free plugin developer needs to make money” story. This isn’t a “plugin developers need to make money too” story.

    The free plugin they acquired had a far larger user base than the paid plugin they already offered. They saw an opportunity to piggyback on those users.

    They bought this plugin to do this.

    I’m a proponent of monetization. I sell a fully paid WordPress product. But I don’t support the practice of acquiring a popular free plugin to try and take advantage of its users in shady ways.

    That is what happened.

    They deserve the scorn.

    Report

    • Roy Tanck
      · Reply

      Agreed. This is why I opted not to sell a successful free plugin years ago. While negotiating a price, I got the feeling the buyer’s main interest wasn’t the plugin or its functionality.

      A major part of what you’re selling is the ability to push updates to an established user base.

      I’d probably be in favor of a kind of “official” fork system, where users are alerted to a new version (published under a different slug), and WP offers a way to upgrade to the new plugin, if they trust the new fork.

      Report

    • Otto
      · Reply

      I warned about this exact type of thing over 5 years ago. I meant every word.

      https://make.wordpress.org/plugins/2016/02/12/on-the-topic-of-selling-your-plugins/

      Report

  3. Miroslav Glavić
    · Reply

    All plugin and theme authors shouldn’t go on the whole “you getting something for free, my hard labour of love, bla bla bla bla bla, be quiet” type mentality.

    After all, all plugin and theme authors, are making a living out of free labour of love, WORDPRESS ITSELF.

    Yes we are entitled to complain about free plugins/themes. Unethical practices from some authors for example.

    Unethical practices is violating my admin with: (1) “hey subscribe to my newsletter” (2) “Hey, I know you just downloaded and activated my plugin and had no chance to test it out, I still want you to rate it” (3) “Here are my other plugins” (4) “Go buy my pro plugin” (5) “give me free statistics” (think freemius). Things like that.

    Now, I have done the following: (1) Bought many plugins/themes authors a ticket to a WordCamp. Some I included accommodation for the weekend and your flight/train/bus ticket to the WordCamp if they are out of Province/State.

    (2) Interviewed author for a podcast I was co-hosting

    (3) I will start writing a post about each plugin I use on my sites.

    How many of these authors have THANKED WordPress, without WordPress, there wouldn’t be their plugins/themes.

    Yes it is completely wrong to purchase a plugin to just monetize it or complete change it around.

    Report

  4. waltari
    · Reply

    The main problem with most of the wp plugins (paid or not) is a fact that they usualy doesn’t do the things author claims they do. Iam the one who buys the plugins i use in the form of either pro version or for example patreon donation in the case of github repositories as the authors deserve (in my opinion) some sort of satisfaction appreciation.

    But, there is a but. Many times i have faced one issue, needless to say it was the same issue in all cases. The changes they do to wordpress are ireversible orvl very hard to do, so paying for pro or through donations is in such cases the only option you are left with as you are basically held hostage. Prime example are plugins that add or alter user roles.

    So iam all in for paying for things when i find them usefull after a trial and/or testing free version, but imho such radical things should be stated upfront, which in most cases isn’t.

    Report

  5. Bastian
    · Reply

    The fact that the plugin review team and the forum moderators can’t see what happened here is really sad.
    This plugin author closed his old ProfilePress plugin (https://wordpress.org/plugins/ppress/) which only had 4000+ active installs, and took over the account of an unrelated plugin and switched its codebase to capitalize on its userbase of 400,000+.
    Is this a behavior to be left unpunished?

    Report

    • Lisa Dubbs
      · Reply

      It took Google some sweet time to ban the notorious scammers Cheetah Mobile from the Play Store. And the store is still filled to the brim with junk apps. The Plugin team needs to nip this in the bud swiftly, or things gonna get out of hand. I cannot really blame OG devs for selling their popular plugins to shady actors in exchange for a fat wad of cash. The plugin team needs to add a clause that prohibits this in the directory, full stop.

      Report

  6. Arber
    · Reply

    Grandma told me, boy, don’t install too many WordPress plugins or you will get burned.

    I heard her :p

    Well I always was against installing a plugin for every simple small thing. Usually ended up coding a lot of stuff and only used around 10 plugins at max on client sites. On my own I only have 2 or 3 plugins.

    Let this post serve as a reminder of this golden rule, do not install a lot of plugins on a site. This is not a WordPress only issue this is a real world issue that happens on all tech stacks, frameworks/libraries, etc.

    So what should we learn from this is that we need to rely the least possible from external resources (plugins/packages) and be very cautious when we add one to be sure about the quality of resource we are adding into our project.

    Report

  7. Eric Karkovack
    · Reply

    In this particular case, it was a sort of bait-and-switch that set users off. And I can’t really blame them.

    Unfortunately, there will always be a downside to the free software market for developers and users. There’s going to be folks who have unreasonable expectations and those that lose trust.

    On the whole, I’d say it works pretty well as far as WordPress is concerned. Developers keep jumping into the market and users keep downloading. It’s just a matter of acting ethically and treating each other respect. Not everyone is going to pass those tests.

    Report

  8. CW
    · Reply

    A lot has been said about how the plugin was swapped out without warning and therefore permission. That’s reason enough why this was a bad idea, but just as important, by purchasing WP User Avatar, ProfilePress was not just taking on an existing user base, but buying good reviews and high active install numbers.

    That’s a review scam. Without those 200 review bombs from angry users, everyone in the repository who is searching for a membership plugin would have been misled into thinking that ProfilePress was enormously popular and well-liked. If businesses are allowed to do with without accountability, the integrity of the WordPress plugin repository will be completely destroyed.

    That’s why even though judging when an update is big enough to be a different plugin would be really difficult, this behavior should still be banned officially.

    Report

  9. Lewis Cowles
    · Reply

    I’d like to note that AFAIK all plugins have an SVN repo. So grab the versions you use and like and store them like you would your other valuables…

    Auto-update might be the thing you fight most. Oh and manually maintaining a fork…

    Report

  10. Ben
    · Reply

    I agree with most of the above. I was put off when I saw a completely different plugin on two of my sites (Freaked out a little actually). It is super lame to assume that designers and developers are o.k with a complete new code base being injected in your WordPress install without being able to look at it first.

    The bottom line is the bad taste it leaves in everyone’s mouth…

    Report

    • Roy Tanck
      · Reply

      This whole situation demonstrates how much trust installing a third party plugin actually requires. Plugins can do literally anything on/to your site. And what it does can change with each update.

      Report

  11. Serge
    · Reply

    I posted a one-star review in which I complained about the plugin’s aggressive bait-and-switch, said I had deleted the plugin and installed WP User Avatars. Then I got this in my email:

    “Jan Dembowski wrote:

    I have removed your review.

    If you want to leave a review then do so. But keep it about that plugin and do not use the review to make recommendations for something else. That is not appropriate.”

    This came from a noreply address, so I had no way to question it. My review did include a link to WP User Avatars on the repository, so if the moderator had said that was against the rules I’d be guilty as charged. But that’s not what the mod said, and I think the mod took a subjective and rather expansive view of what a “recommendation” is. Not only did I not praise or recommend WP User Avatars, I noted that it was a pain to have to regenerate all my user profiles.

    So it’s quite possibly this plugin would have a lower rating if mods had not been summarily deleting reviews like mine. The bottom line is that when someone starts to make reviews disappear for murky reasons, they’re wading into Yelp territory – they’re giving users reasons to doubt the integrity of their review system and doubt whether it’s worth taking the time to post honest feedback.

    Report

    • Bianca
      · Reply

      My review did include a link to WP User Avatars on the repository, so if the moderator had said that was against the rules I’d be guilty as charged. But that’s not what the mod said, and I think the mod took a subjective and rather expansive view of what a “recommendation” is.

      Actually, links are not allowed in reviews.
      https://wordpress.org/support/forum-user-guide/faq/#why-are-links-not-allowed-in-reviews

      However I can imagine that the wording of the moderator can be interpreted as unfriendly and off putting. I experienced this as well. I try to remind myself that these mods are doing this work voluntary (sometimes for years), see a lot of misbehaving and mostly mean well. It might be a professional bias or deformation. that lead to responses like these.

      Report

      • Louis
        · Reply

        Using the excuse of being a volunteer isn’t justification for many of the actions and words from mods. I’m so tired of reading excuses for mods because they are volunteers. Volunteering doesn’t entitle people to be rude or tactless toward users.

        Users are voluntarily using plugins, trusting that they will be what they were advertised as being. That trust is being violated and the users are being expected to comply with rules that neither mods, review team nor developers need to comply with.

        Users aren’t allowed to put a link in a review, but developers are allowed to completely change a plugin, including links to other websites, completely changing the functionality, code and purpose of the plugin. And mods as well as the review team tell us developers are allowed to do anything they want.

        Hardly equitable.

        Report

        • Bianca
          · Reply

          I was just pointing out that links are not allowed as the TS thought this was to the discretion of the mod, which is not so.

          Nowhere am I making excuses for the mods. As I said, I even had a similar experience. I addressed this to him and we worked it out in the end, as adult people.

          What I tried to point out is that we are all people at the other end of the computer. Even mods are entitled to make mistakes (hence the biases bit) and they do. I am just not convinced that they are being rude on purpose. What makes it bitter is that they are in a powerful position and therefor can make you feel unheard, angry and sad.

          Communication can be hard through written conversation. Some people are rude by nature even if they don’t think they are. We may all got a few in the family even.

          Also nowhere am I saying that developers are allowed to change a plugins functionality. I actually agree that rules need to be in place so this never happens again. If WordPress.org encourages us to keep our installations up to date, they have a moral obligation to not let something like this happen ever again. Moves like this are malicious, period.

          It’s that governance thing thats been discussed but isn’t really getting a proper shape.

          Report

  12. Louis
    · Reply

    “Also nowhere am I saying that developers are allowed to change a plugins functionality. I actually agree that rules need to be in place so this never happens again. If WordPress.org encourages us to keep our installations up to date, they have a moral obligation to not let something like this happen ever again. Moves like this are malicious, period.”

    On that we agree.

    Report

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: