Just a reminder to users of WordPress plugins: pick plugins carefully. Forums can be a good resource for checking a plugin's reputation. One example I found this year is a plugin called “My Visitor Counter”. According to the metadata provided, the author is Nick Blastrom, but I’m not sure that he is the true author of this plugin. At the time of writing, I can no longer find this plugin on WordPress, but it is still available via this URL: https://github.com/wp-plugins/wp-better-workflow/blob/master/wp-statsmechanic.php

WordPress Plugin: My Visitor Counter Contain Suspicious Links | the atmojo

Suspicious URL

If we go through the code (the main PHP script), we can find some URLs pointing to unfamiliar sites. There is also a curl call which “gets” the content of the mentioned URL and embeds it into the body of the website.

Content of Plugin Main Script

And if I check the content of the link, it shows a German-language website which I assume contains “adult” material (snapshot provided below).

The Original Plugin

If we check further, we can find that the “true author” of the original plugin was Aditya Subawa. My suspicion is that the original plugin was modified, with some URLs added, before being republished under a different name. The variable naming across the script is also highly inconsistent: sometimes the variable names are in Bahasa, sometimes in English, which indicates modification.

Below are snapshots comparing "Mechanic Visitor Counter", written by Aditya Subawa, and "My Visitor Counter", written by Nick Blastrom. It seems obvious that "My Visitor Counter" adds a "silly" function and hooks it into the head of the WordPress site.

Snapshot of "Original" Mechanic Visitor Counter

Snapshot of "Suspicious" My Visitor Counter
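
A check for the pattern described above (a function hooked into the page head that uses curl to fetch a remote URL and embed the result), as an added example that is not code from the plugin or from this post. The sample PHP, its function names and the placeholder URL are constructed for illustration; the brace matching is deliberately simple and ignores braces inside strings.

```python
import re

# Hooks that run on every front-end page render.
RENDER_HOOKS = ("wp_head", "wp_footer")
# PHP calls that can pull content from a remote host.
FETCH_CALLS = re.compile(r"\b(curl_init|curl_exec|wp_remote_get|file_get_contents|fopen)\s*\(")
OUTPUT_CALLS = re.compile(r"\b(echo|print)\b")
URL = re.compile(r"https?://[^\s'\"<>)]+")
HOOK = re.compile(r"add_(?:action|filter)\s*\(\s*['\"](\w+)['\"]\s*,\s*['\"](\w+)['\"]")

def function_body(php, name):
    """Return the brace-delimited body of a named PHP function, or None."""
    m = re.search(r"function\s+" + re.escape(name) + r"\s*\([^)]*\)\s*\{", php)
    if not m:
        return None
    depth, i = 1, m.end()
    while i < len(php) and depth:
        depth += {"{": 1, "}": -1}.get(php[i], 0)
        i += 1
    return php[m.end():i - 1]

def audit_plugin_source(php):
    """Flag callbacks on render hooks whose body fetches remote content."""
    findings = []
    for hook, callback in HOOK.findall(php):
        body = function_body(php, callback) if hook in RENDER_HOOKS else None
        if body is None:
            continue
        fetches = sorted(set(FETCH_CALLS.findall(body)))
        if fetches:
            findings.append({
                "hook": hook, "callback": callback, "fetch_calls": fetches,
                "urls": URL.findall(body),
                "echoes_output": bool(OUTPUT_CALLS.search(body)),
            })
    return findings

# Constructed sample, not the plugin's real code; the URL is a placeholder.
SAMPLE = r"""<?php
function show_counter() { echo get_option('hits'); }
add_action('wp_footer', 'show_counter');
function extra_head() {
    $ch = curl_init('http://placeholder.invalid/links.txt');
    if (true) { echo curl_exec($ch); }
}
add_action('wp_head', 'extra_head');
"""

if __name__ == "__main__":
    print(audit_plugin_source(SAMPLE))
```

Run it over each PHP file of a plugin before activation; a finding is a prompt for manual review of that callback, not proof of malice.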

This link might not harm your website, but personally I don’t want my website associated with unauthorized content from another website.

So just beware, and get recommendations first before installing any plugin.