NEVER use Slickstack! It's malware, stealing private information

Don’t use the scripts of Slickstack!!!

It’s malware, stealing private information.

I was spammed and then checked the repository.

Of course, the founder of Slickstack Jesse Nickles is experienced to spam people.

Spamming people via true emails is a low marketing skill.

Instead, he used a fictitious email account and pretended an old user of Slickstack promoting good stuffs.

He boasted the installation of WordPress can be done automatically.

So, I followed the tutorial video and used it to set up WordPress.

But I soon regretted my decision. His scripts are redundant.

During the installation process, you still need to interact with the installation batch all along.

Very slow, very very slow. After the setup, I found my name was listed on some of his websites, the site is used to expose spam.

I was scared and tried to remove it but failed.

Our anti-virus software warned us that the scripts have got authorized to bind our system privilege and can’t be removed. Finally, I had to reinstall my OS.

I only use WordPress for learning eCommerce and this bad experience made me postpone my plan to learn wp.

The official WordPress installation shell script is good enough to help you set up.

So, NEVER use Slickstack!


That’s a really serious problem.
I searched it a little further just now and found a post said Mailchimp was banned by it…
Mailchimp is a platform, but this trash is just a script.
How dare he do that like a dictator? lol


The spammer sent me the links of some completely unknown review sites, such as Producthunt and boasted Slickstack can help with SEO.

As far as I know, it’s really impossible to promote a brand by only using a script no matter how decent the script is.

So, it’s obviously just a bullshit.

But unfortunately I’m naive and trusted the spammer.


That’s why I don’t trust review sites and I think review sites are the most misleading.
Didn’t you ask how he reached out to you?


Yes, I asked.

He didn’t tell me the real reason which I figured out on my own afterward.

He followed me on Github and then I posted questions in his Facebook community.

That’s why he got my contact information.


Following is his bait to have an excuse to spam people without being reported.


How did he spam you guys?

Do you know Github issue report can be abused to send group emails to all the subscribers?
He didn’t spam us, instead, he spammed our subscribers/watchers.
He posted a warning topic in our Github issue section that said “I have listed you on our website:
He did it very carefully, he didn’t use his main username jessuppi to abuse the vulnerability, instead, he used another username that has no followers. Because he was afraid that Github would flag his main repo.


Did you report this issue to Github team?

If so, what did they say?


Yes, we reported.
But we didn’t know how Github disposed it. They never disclose the process that they solve troubles.
jessuppi is still committing one-line updates(comment and remove comment) everyday.
I’m curious how his insane characteristic was formed…and I admire he didn’t get any punishment even if he has made thousands of people unhappy.


Family factor!

A friend of mine is behaving like him.

His parents divorced and his mother became a whore when he was a kid.

He then changed a lot. Very radical and aggressive even if he is very little.


Yeah, maybe…but a tragic childhood can’t be used to explain the reason for all the cases like this.
Lacking his father’s love doesn’t mean he is authorized to ask for more, or selfishness can be taken for granted, or having racist ideas is regarded as free speech.


The most suitable place to put his soul may be a mental hospital or some quieter place.


We need to know the tricky steps:

  1. website owners use slickstack(a script to install Wordpress) to setup Wordpress for their self-hosted sites.
  2. slickstack left some backdoors to steal private information of the users who access the websites and the backdoors will help slickstack to track the activities of the users.
  3. stolen information will be sent to Jesse Nickles and listed on hucksters .net(one of the sites created by Jesse Nickles to defame people)



A lot of social platforms offer APIs, and these APIs obviously have vulnerabilities that can be abused by some harassers, such as Jesse Nickles.
The US need to legislate to restrict the activities to abuse APIs!!


LinkedIn provides APIs that are used by Jesse Nickles.
Checked his site and found some retrieved lists with tags showing up there.
Including a lot of private info…
Such as who endorsed you, and who is working with you…
This asshole even takes for grant that as long as someone endorsed you, he/she must have been working with you as colleagues.
So, you can see a lot of incorrect relationships on his site.


He exposed three people’s private info on his site and said that they work for me.
Actually, they are just some people who helped me a little online, we even didn’t meet together in the real life.
So, I really hope American mental hospitals react asap.


slickstack is the worst software that I have ever used.

1 Like