Login

Tag Archives: Speed Optimizer

Plugin Security Scorecard Grade for Speed Optimizer

Checked on April 3, 2025
C+

See issues causing the plugin to get less than A+ grade

21 Dec 2023

SiteGround’s Response to Their WordPress Plugins’ Tracking in Violation of WordPress Guidelines is to Continue Doing It

Last Friday, we noted that a major web host, SiteGround, was using their two 1+ million install WordPress plugins to collect data on websites using them in violation of the guidelines of the WordPress Plugin Directory by doing that without consent. On Monday, we noted that they also appeared to be inadvertently tracking users of the plugins, also in violation of those guidelines. We reached out to the team running the plugin directory on Friday about the first issue, but have yet to hear back from them and no change has been made. SiteGround has responded to part of the second issue, saying they will continue to do things in a way that causes unnecessary tracking and is in clear violation of the guidelines.

Making the situation a lot more problematic is, as we noted previously, that SiteGround sponsors one of the team reps for the team running the plugin directory. We reached out to that team rep about this on Twitter (X), but have gotten no response from them. At best, SiteGround is being allowed to sponsor a team member while not bothering to adhere to the guidelines of the plugin directory with their own plugins. [Read more]

18 Dec 2023

SiteGround’s 1+ Million Install WordPress Plugins Also Contain Apparently Inadvertent Tracking

On Friday, we noted the web host SiteGrounds 1+ million install WordPress plugins Security Optimizer and Speed Optimizer are collecting a lot of website data from those installing the plugin without consent. That is in violation of the guidelines of the WordPress Plugin Directory. SiteGround sponsors one of the team reps for the team running that. It turns out SiteGround is doing more tracking in those plugins, though it looks like this tracking is inadvertent, though also in violation of the guidelines.

Guideline 7, “Plugins may not track users without their consent.”, mentions as example of a violation, “Offloading assets (including images and scripts) that are unrelated to a service.” Someone going by the handle JCV posted on the support forum for Security Optimizer that some of the plugin’s “fonts or pics are externally hosted.” We confirmed that was the case, and that is unrelated to a service, so it is a clear violation of the guidelines. It also occurs with Speed Optimizer. [Read more]

15 Dec 2023

Two 1+ Million WordPress Plugins From SiteGround, Sponsor of Plugin Review Team Rep, Collecting Website Data Without Consent

Guideline 7 of the WordPress Plugin Directory’s Detailed Plugin Guidelines, “Plugins may not track users without their consent”, states that an example of a violation would be “Automated collection of user data without explicit confirmation from the user.” That is being publicly stated to be violated by two 1+ million plugins right on the Plugin Directory. The first is Security Optimizer, which states at the end of its description:

Data Collection [Read more]