Comment on Display Widgets Plugin Review by SEO Gold Coast Services.

Originally posted to the WordPress support forum…

WordPress has deleted the Display Widgets plugin again, (twice in a week!) this time because of version 2.6.1.

The cause is the code in the /display-widgets/geolocation.php file (added by the new developer) connects to http://geoip2.io/ and potentially collects/stores your website visitors data without yours/theirs permission.

Data collected:

IP address
User agent
Display Widget users domain name

I don’t understand why the feature would require anything beyond IP address? The new geolocation feature only needs the country code (US, EN-GB, DE etc…) of the visitor which can be determined from IP alone. Why gather the other data?

If you plan to stick with the Display Widgets plugin I suggest downgrading to the old version (updated 2+ years ago by the original developer). You can download version 2.05 from https://downloads.wordpress.org/plugin/display-widgets.2.05.zip this has a few minor bugs, but is a stable release and what I used to build the Display Widgets SEO Plus plugin from 7 months ago.

David

Update September 16th 2017 : I’ve released a Free Security Update/Upgrade of the Display Widgets Plugin.

More Comments on Display Widgets Plugin Review by SEO Gold Coast Services


Display Widgets Plugin Vulnerabilities

Sorry to hear of the problems.

In principle yes the hack could have compromised your site in other ways.

I never installed the Display Widgets Plugin v2.6.* on a live site, only …


Display Widgets Plugin v4.0.0 Release

I’ve released a Free Security Update/Upgrade of the Display Widgets Plugin which is called v4.0.0 and is malicious code free and extends the widget logic features. I’ll be supporting the …


Adopting the Display Widgets Plugin

Thanks for your kind words :-)

A couple of small inaccuracies in your comment above.

The WordPress plugin team didn’t delete/close/moderate my WordPress forum support posts, it was “Jan Dembowsi” (@jdembowsi) a …


Display Widgets Plugin v2.7 Download

There’s some info on the Display Widgets support forum about the 2.7 update, but you can’t get to it easily because the main Display Widget Plugin page is still closed …


How to Clean a Hacked WordPress Site

Sorry to hear your site is hacked, there’s probably tens of thousands of Display Widget v2.6.* users in the same boat!

I’ve not looked at a Display Widget Plugin v2.6.* hacked …


Display Widgets Plugin v2.6.3.1 Review

I said I wasn’t going to waste my time contacting the WordPress plugin team again, but I couldn’t help myself, the Display Widgets plugin developer is a hacker and is …


Display Widgets Plugin Geolocation Tracking Visitors without Permission

Originally posted to the WordPress support forum…

I have a question regarding the visitor data you are tracking/storing and your terms at http://geoip2.io/terms.html: the site has been deleted.

Section 10. Privacy policy …


More Comments by SEO Gold Coast Services


Google Defamation Process

Most likely Google alone.

Google trusts what they are told via the defamation reports, there doesn’t appear to be any detailed checking on Google’s part!

So if someone makes a credible defamation …


Google Mobile Usability Test

SEO tools like SEOptimer are generally not very good, they are built by programmers who are human and they make mistakes, so I’d take the SEOptimer Usability Device Rendering F …


Twitter Permanent Suspension

When you said “I apply most of the tricks talked about in this article” does that mean you are following at least 400 Twitter accounts everyday and unfollowing them all …


Camping World Biloxi

This is a Camping World Biloxi SEO test.

The Camping World Biloxi Google search phrase sees around 1,900 searches a month, a number 1 Google listing for Camping World Biloxi would …


Revolution Slider JS Bloated

All because I avoid using flashy JS features via plugins like Slider Revolution to maximise pagespeed does not mean I don’t know how to use flashy Javascript features whilst minimising …


GTmetrix Website Speed Test Location

Regarding GTmetrix speed testing you have to take into account hosting location when comparing 2 websites targeting different countries.

My SEO Gold site which mostly targets the UK market is hosted …


Revolution Slider Images NOT Responsive

The Revolution Slider SEO Optimization article is a snippet of a larger article Optimized Images Load Faster and Consume Less Cellular Data which looks at a website created by a …


It’s Illegal to Threaten Someone Online

WoW! I critique the old out of date web design of a local Skegness business and James Smith (AKA: fake name) resorts to childish personal insults, why would you do …