This is completely untested but the basic layout for an estimates style gateway that uses a custom order status. I used it in my talk at WCJAX 2018 and was requested to put it up on my site:
I’ve just released the latest version of my plugin to the WordPress repo. You can now simply click a button to have a plain text version of the information copied to your clip board. Paste into an email or support forum with ease and no crazy html or code getting included.
I’m not even going to link to the blog post they put up recently, but I’m sure you can find it if you want.
So a dude bought some plugins and in those plugins snuck some links/urls to spam sites he owns. Yes, it’s shady and awful practice. Is it illegal? No. Is it ok to call out the plugins so people ditch them? Absolutely.
But is it cool to post their full name a bunch of personal information and photos? FUCK NO. That is entirely uncalled for and fucked up.
This guy isn’t pushing malware. He’s not hacking your mainframe, bro. He’s doing some sleezy back linking shit. There is not a single thing about that which makes it appropriate for WF to put screen grabs of his LinkedIn profile on their post.
Wordfence is starting a witch hunt. I remember when those got banned on Reddit and you know why? Because it’s wrong. It can quickly escalate to mass harassment or worse. You don’t put up other people’s personal information on the web. Period.
I am absolutely flabbergasted that they had the gaul to put up a blog post like that.