They can then be installed easily and without thought, by users that don't know the implications.
You can install a plugin with syntax error in it and then just get a blank screen.
Perhaps giving plugins unregulated access to server-side code isn't ideal?
It’s your web hosting provider duty.
Surely there must be a better way?
Just keep it up to date, and follow the support forums related to the plugin. Security holes sometimes come from old plugins that are no longer updated (but you don’t know and just install it anyway).
Using official plugins or paid plugins must be better (since you could easily complain about things).
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
You can install a plugin with syntax error in it and then just get a blank screen.
It’s your web hosting provider duty.
Just keep it up to date, and follow the support forums related to the plugin. Security holes sometimes come from old plugins that are no longer updated (but you don’t know and just install it anyway).
Using official plugins or paid plugins must be better (since you could easily complain about things).