Mark Maunder, CEO of Wordfence said:
I did manage to connect with Ciprian Popescu, author of the Finance Calculator plugin, that Soiza says he purchased, and Ciprian was kind enough to share the details with me.
Soiza contacted Ciprian early this year and used an alias of “Kevin Danna”. He expressed interest in buying Finance Calculator.
Soiza then purchased Finance Calculator for $600. During his communication with Ciprian, Mason Soiza appeared to make an error and he accidentally signed one of his emails from the Kevin Danna alias as “Mason”.
Soiza also appears to use the Kevin Danna alias on WordPress forums.
Ciprian told me that for some reason, Soiza never updated the plugin after he purchased it. After learning about what happened with Display Widgets, he has taken back control of the Finance Calculator plugin, revoked Soiza’s access and confirmed that it is malware free. I received this message from him:
I can confirm that my plugin has not been tampered with. I have pushed an update to remove the ‘financecalculator’ committer, which was Mason Soiza. I am in the process of updating more stuff, such as rewriting some code for a smaller footprint; but the plugin is fully functional and malware-free.
The plugin was abandoned, not updated in months, and I wanted to give it away. Mason Soiza jumped at this opportunity and made an offer to purchase the plugin. After the purchase was completed, he became a committer on WordPress.org and was supposed to take over the plugin and remove me from the plugin maintainers. Luckily, he never did it, and I was able to take it back, remove him and release an updated version of the plugin.
The plugin was never touched or tampered with since the purchase. See the revision log below:
Read the full story on Wordfence blog.