{"id":21497,"date":"2023-10-25T11:38:41","date_gmt":"2023-10-25T09:38:41","guid":{"rendered":"https:\/\/wpbeveiligen.nl\/?p=21497"},"modified":"2023-07-13T11:40:15","modified_gmt":"2023-07-13T09:40:15","slug":"is-this-wordpress-plugin-still-safe","status":"publish","type":"post","link":"https:\/\/wpbeveiligen.nl\/en\/is-this-wordpress-plugin-still-safe\/","title":{"rendered":"Is this WordPress plugin still safe?"},"content":{"rendered":"

When adding plugins, you may sometimes see a notification stating that the plugin hasn’t been updated for more than 2 years.<\/p>\n

Does this necessarily mean that the plugin is insecure?<\/h2>\n

Some plugins have simple functions with only a few lines of code that don’t need to be updated.
\nUpdating a plugin is only necessary when it contains vulnerabilities that can be exploited by hackers.<\/p>\n

How to determine if a plugin is still secure<\/h2>\n

\"wordpress<\/a><\/strong><\/p>\n

One way to find out if a plugin is vulnerable is through www.wpvulndb.com<\/a><\/strong>.
\nAt the time of writing, this website has registered over 8000 vulnerabilities in plugins and themes.
\nUse the search bar to check your plugin.<\/p>\n

\"\"<\/a><\/p>\n

If you are a programmer, you can also perform a check using WPscan<\/a>.<\/strong>
\nThis is a bit more complicated and requires knowledge of various software and operating systems.<\/p>\n

\"search<\/a><\/p>\n

Another method to check is by entering the plugin name in Google’s search engine<\/strong>.
\nGoogle the name of the plugin + hack, hacked, malware, injection. Do this primarily in English as you’ll have the greatest chance of getting results.<\/p>\n

What to do if a plugin is outdated or vulnerable?<\/h2>\n

WordPress currently has more than 51,000+ plugins<\/a>.<\/strong>
\nThere is a good chance that you can easily find an alternative plugin that can fulfill the same role.<\/p>\n

Above all, do not take any risks if the plugin is on the list of www.wpvulndb.com<\/a>.<\/p><\/blockquote>\n

Automated scripts test thousands of websites daily for vulnerable plugins.
\nThese scripts quickly find your website via Google and inject advertising<\/a> or malware<\/a> into your website.<\/p>\n","protected":false},"excerpt":{"rendered":"

When adding plugins, you may sometimes see a notification stating that the plugin hasn’t been updated for more than 2 years. Does this necessarily mean that the plugin is insecure? Some plugins have simple functions with only a few lines of code that don’t need to be updated. Updating a plugin is only necessary when […]<\/p>\n","protected":false},"author":4,"featured_media":9314,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[200],"tags":[],"_links":{"self":[{"href":"https:\/\/wpbeveiligen.nl\/wp-json\/wp\/v2\/posts\/21497"}],"collection":[{"href":"https:\/\/wpbeveiligen.nl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wpbeveiligen.nl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wpbeveiligen.nl\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/wpbeveiligen.nl\/wp-json\/wp\/v2\/comments?post=21497"}],"version-history":[{"count":0,"href":"https:\/\/wpbeveiligen.nl\/wp-json\/wp\/v2\/posts\/21497\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/wpbeveiligen.nl\/wp-json\/wp\/v2\/media\/9314"}],"wp:attachment":[{"href":"https:\/\/wpbeveiligen.nl\/wp-json\/wp\/v2\/media?parent=21497"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wpbeveiligen.nl\/wp-json\/wp\/v2\/categories?post=21497"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wpbeveiligen.nl\/wp-json\/wp\/v2\/tags?post=21497"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}