Overview

Plugins and themes are one of the great things about WordPress, they allow you to extend the functionality or look of your website with minimal effort or complex coding. Most WordPress plugin and theme developers are committed to releasing bug fixes, security improvements and new feature updates to encourage their continued use and compatibility with your WordPress website.

Unfortunately developers can often stop updating their plugins for various reasons, most commonly they have given up on the project or moved on to more lucrative projects. No matter the reason for the developer moving on, you now have a growing security liability in the form of a now abandoned plugin or theme.

Warning

When a theme or plugin becomes abandoned it no longer receives bug fixes or security improvements and instead becomes a target for malicious users.

How can I check?

The best way to check for abandoned plugins is via WordFence Scan.
WordFence will alert you to any abandoned plugins or themes:
abandoned wordpress plugins and themes
You can see in the above example, this plugin was last updated May 29th, 2018.

What Can I Do?

Check if a license is available from the developer, unlicensed paid plugins do not receive updates.
If a license is unavailable you should look at changing to an alternative plugin or theme.

Warning

Failure to update or replace an abandoned plugin or theme may result in your website being defaced or if it’s used for malicious activities it will be suspended.

Conetix offers Managed WordPress packages that include checks for abandoned plugins. We also constantly monitor for security updates and apply them immediately. Contact us if you would like to find out more.

Was this article helpful?

Related Articles