
Popular WordPress plugin tried to spam users' dashboards - ga-vu
https://github.com/Yoast/wordpress-seo/issues/13961
======
martin_a
This is the big problem I have with the WP ecosystem today.

Themes and plugins are a minefield with very little space between the mines.

Almost all themes in the theme repository are crippled versions of premium
themes today. The same goes for plugins where a huge amount of the plugins in
the official repository is just some kind of nagware trying to lure you into
buying a "premium version" which finally unlocks the single feature you
installed this plugin for. Then there are plugins which are outright broken
and will never get fixed anymore and some are just filled with some kind of
malware.

Oh, the aforementioned premium themes obviously come with a bunch of
dependencies, some bundled plugins, theme frameworks and whatnot else.

Instead of fixing this hole mess, Automattic thinks we need the 27th site
builder for WordPress and adds fuel to the burning piece of crap that the WP
ecosystem has become.

Sad to see from the outside, glad I left it behind me.

~~~
sendben2
What are you using now?

~~~
brylie
Wagtail (based on Python/Django). It has a great developer experience,
active/welcoming development community, and a WordPress inspired content
management UI.

[https://wagtail.io](https://wagtail.io)

------
lioeters
It was an intrusive ad banner, with a deceptive close button that redirected
users to a sales page. That should have never been allowed to happen, if they
value their reputation.

On the other hand, they quickly responded by removing the ad and apologizing
publicly.

[https://twitter.com/MariekeRakt/status/1200077958700044290?s...](https://twitter.com/MariekeRakt/status/1200077958700044290?s=20)

It was the right move.

~~~
martin_a
> On the other hand, they quickly responded by removing the ad and apologizing
> publicly.

I hate this. It's about testing the waters, seeing with what you can get away
and how loud the users will cry. Nothing about this was happened without a
reason.

Automattic should just outright ban plugins that are using dark UI patterns
like this.

------
brylie
I wish WordPress would help clean up its plugin/theme ecosystem and have
raised this point multiple times in their annual community surveys.

One major issue is that most of the plugins should be released as GPL since
WordPress is GPL licensed and the plugins extend its APIs. VCV Rack, a modular
audio environment, is a good example where all plugins are GPL unless getting
a commercial license from the core developer(s).

Another thing would be to encourage consistent documentation and support
channels, rather than every plugin using its own forum and documentation site.
Drupal is an excellent example of an ecosystem of GPL modules with the
consistent backing and documentation channels.

------
rchaud
Looks like they've removed it. Crazy to think that it was Yoast, one of the
most popular SEO plugins for WP. They actually have a really good website for
teaching SEO fundamentals as well, all free.

The most egregious part of this was linking the "close" button to a sales page
for the premium plugin. That is the kind of low-down dark pattern you only see
on pirated sports stream websites.

~~~
martin_a
Yoast has always been one of the most nagging distributors/creators. They have
always been obtrusive to the max, but this really tops it.

------
type0
> Also, the fact that once you get closer to the "x" to close the banner
> you're redirected to your sales page it's quite evil.

Brilliant Yoast, so clever, just brilliant! /s

