• Resolved MikeHarrison

    (@mikeharrison)


    Wordfence has reported a medium security risk: that one of the few plugins on my site has apparently been abandoned, stating the last update was two years ago. Yet, when I clicked to update the plugin, the result was that the plugin is current.

    A visit to the plugin author’s site confirmed that the plugin is current, but prior to visiting the author’s site, I was unable to find the plugin listed in the WordPress plugin repository.

    What does all of this mean, please?

    Thanks.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support WFAdam

    (@wfadam)

    Hello @mikeharrison and thanks for reaching out to us!

    From our docs:
    This scan result means that a plugin has not been updated in 2 years or more. This can be a problem, because it means that the plugin author has not made any changes for a long period of time. Sometimes that means it won’t be fully compatible with newer WordPress versions, reported bugs may not be fixed, and new security issues might not be addressed.

    The scan result also shows if this plugin has a known security issue that has not been fixed. If that is the case, it is recommended that you remove the plugin as soon as possible, and replace it with a different plugin if you need the same functionality.

    There are two types of alerts for abandoned plugins: Medium and Critical alert. An abandoned plugin will generate a Medium alert. If the plugin also has unpatched security vulnerabilities, the scan result will be Critical. Plugins that are abandoned should be evaluated in terms of what risk they may pose. Unless you know that the code in the plugin is safe, you should start looking for a replacement. Plugins with unpatched vulnerabilities should always be removed.

    Which plugin is it? If it's not in the WordPress repository, then this is just a warning for you in the scan results. If you know it's a safe plugin, you can ignore the results. We don’t recommend using plugins from outside of the repository unless they are premium plugins from known suppliers.

    Let me know if you have any questions!

    Thanks again!

  • Thread Starter MikeHarrison

    (@mikeharrison)

    Thanks, Adam.

    Yes, I had read the documentation, but was unclear as to how concerned I should be. After the website was hacked six years ago, it’s something I don’t want to go through again.

    The plugin in question is the tPlayer Audio Player for WordPress, found on the Code Canyon site. But I have begun the search for a suitable replacement.

    So, until I can replace the plugin, I can consider it not to be a vulnerability, as it is current?


The topic ‘Plugin appears to be abandoned’ is closed to new replies.