Security Concern — Suspicious files found inside plugin folder

Shortly after installing this plugin, my WordPress site was compromised. During the cleanup process, suspicious hidden files were discovered inside this plugin’s images/ folder, including hidden backdoor files that did not belong to any legitimate plugin.

The timing of the compromise directly correlated with the installation of this plugin. I am not making a definitive accusation, but the evidence was concerning enough that I removed the plugin entirely as part of my security cleanup.

I would strongly recommend other users have proper security monitoring (such as Wordfence or Sucuri) in place before installing this plugin, and to regularly scan their site for unexpected files.

I have also reported this to the WordPress security team for further investigation.