If you’re familiar with the WordPress platform, you’ll know the entire CMS runs on plugins. 95% of which have no affiliation with the original WordPress team. Developers have gone on to run successful companies by providing a service and need for web developers, clients and end users globally. Most WordPress plugins are free so how do they run a successful business model?
These are plugins that solve users basic requirements and are often developed by fellow freelancers or small organisations. Usually, these are funded one of two ways
Donations – Often these developers will rely on users donating out of goodwill for a headache that they’ve solved.
Extra features/add-ons – As said before – often these plugins will solve a basic need but if you want to take full advantage of the power of the plugin which may not only solve your problem but turn it into a strength – you’ll need to pay for the plugin – either a one-off fee or a recurring cost.
Other models offer no version of a free option – often that they’re either very confident in their marketing or they have a lack of competitors providing a vital service – often a very complicated service.
So this brings us to ‘nulled’ plugins.
What is a Nulled plugin?
Nulled WordPress themes & plugins are copies that are pirated and redistributed unethically online. Those doing it will often quote that since WordPress & derivative works are licensed under GPL that they have free reign to do so. Whilst this is technically true – it’s a slippery slope and highly unethical. It ruins the industry for the coders & worse than that, it may compromise your website.
Why your website may be compromised by running Nulled plugins
The ‘nulled’ version, whilst it may look identical at first glance to the original plugin – may have been injected with scripts or malware to deliberately attack your local machine or website. Unless you are an experienced coder you will not be able to understand if your plugin is actually destroying the security and credibility of your website.
Sometimes you may be lucky and get a clean copy of a plugin – it still has some serious security issues as an unlicensed plugin including – no future updates from the developer which is a security risk of itself. If you aren’t so lucky however, here are some of the dangers you may face.
Malware – Nulled plugins are well known to carry malware and may cause additional popups on your website annoying your users and putting off future customers
PII Breach / GDPR nightmare – If you run an eCommerce store or membership based website especially this is the worst nightmare – your user’s personal information may be breached and shared on the dark web. Worst of all is these hacks are often very difficult to detect.
Mixed licenses – Not all plugins are covered by GPL – some include extra code or software which isn’t covered by GPL and thus the developers have every right to send their lawyers after you. Of course mostly – don’t do it for the unethical reasons nevermind because you don’t want to get sued!
Lack of support – Most plugins include full support from the developers – which is well worth the cost of the plugin!
When you factor in all of these against the low cost of the majority of WordPress plugins, you’ll soon realise it’s simply not worth the risk and by avoiding doing so – you’ll also avoid supporting a slightly unethical industry. Developers have bills to pay too! If cost is your issue, just look for free plugins alternatives!