50 Abandoned WordPress Plugins with Vulnerabilities

wordpress plugins vulnerabilities

wordpress plugins vulnerabilitiesWordPress is an open source platform that has increased its popularity among website owners across the globe.

Complimenting to this there are a number of plugins available in the WordPress directory, which are useful for security, backups, file-uploads and much more.

One of the major reasons of threatened site security is vulnerabilities in plugins, and chances for outdated plugins are at higher risks.

Have your WordPress plugins been attacked?

To reduce your panic, I have decided to come up with the list of those plugins that have not been updated and leave the site open for hackers.

1. Limit Login Attempts

This plugin blocks the Internet address after performing a number for failed login attempts making it difficult for brute force attackers.

The author didn’t update the plugin since five years. However, Login Lockdown is the new release and can help with the same.

2. Exclude Pages

It was mainly used to exclude or include pages in the navigation menu in the website. It was not effectively used.

The user would check and uncheck the checkbox to ‘include’ and ‘exclude’ pages respectively. The very last update ocurred five years ago.

3. Quick Adsense

It comes with a facility to randomly places ads anywhere in the post. The author updated this plugin four years back.

Adsense Plugin WP QUADS discontinued the use of Quick Adsense.

4. WordPress HTTPS (SSL)

Though it was effective to many website owners to provide a quite secure layer (SSL), it has now been replaced by the WP Force SSL plugin to remove vulnerable threats.

The last time this WordPress plugin was updated was four years ago.

5. WP SMTP

It offers a functionality to send an email via SMTP. However, with the advancement of plugin-technology, WP Email Template was adopted to send beautifully configured emails via SMTP.

It lost it’s utility three years ago.

6. Plugin Activation Status

This plugin’s used to retrieve the list of plugins that’re installed but not active and those which are active somewhere on the site.

After this, it creates the separate list of the two making a difference. However, it lost it’s utility two years ago.

7. Ultimate Google Analytics

It was mainly considered useful for outbound links and number of downloads from the site.

Instead of this plugin, Google Analytics Dashboard for WP (GADWP) is the latest one as it this is the most outdated plugin which was last updated ten years ago.

8. Testimonials by WooThemes

The function of this WordPress plugin is to embed a testimonials section in your WordPress site. The author last updated this two years ago and thus, it poses a security risk.

9. Google XML Sitemap for Videos

This WordPress plugin was mainly optimized for making video content of all the XML Sitemap.

With the advance plugin technology, it is not favorable to use. It was last updated five years ago.

10. Login Logo

This plugin adds a logo to the login screen. As this plugin did not have any desirable qualities it was abandoned.

The author last updated this years ago.

11. WP Clean Up

This plugin’s main function was to remove all the garbage in WordPress databases, such as spam comments. Now, it is not considered much beneficial as before.

It lost its utility five years ago.

12. WP Htaccess Editor

This is a simple plugin that is used to edit the htaccess file without using FTP client. It is recommended for experienced users and therefore it is considered as an abandoned plugin nowadays.

The very last update occurred three years ago.

13. Font Awesome Icons

It comes with a set of 361 font icons. However, this plugin’s not considered that useful with a limited number of icons.

It was lastly updated four years ago. Being an outdated plugin adds more vulnerability issues.

14. flickrRSS

This WordPress plugin aims to display the entire Flickr images database on WordPress sites. Not being very functional, it lost it’s utility three years ago.

15. Sociable

This plugin creates a bridge between social media platforms and WordPress sites. But with the advancement in the number of social share plugins this plugin can be replaced by WordPress Social Sharing Plugin.

The author updated the plugin four years ago.

16. DB Cache Reloaded Fix

To clear the junk from the WordPress database, this plugin proved immensely beneficial. But unfortunately, it doesn’t function now.

The very last update was five years ago.

17. Custom Post Template

It provides a drop down list to select the different post template for the post edit screen. However, with the upcoming new features, it was gradually abandoned five years ago.

You can use Custom Post UI instead of this plugin.

18. WooCommerce Shortcodes

The aim of WooCommerce Shortcodes was simply to add short codes to enhance the functionality of e-commerce. Later, with advancement, many other plugins are available, out of which you may prefer WooCommerce Customizer.

The most recent update occurred three years ago.

19. Yoast Breadcrumbs

This plugin’s very effective to improve your search engine rankings. Many other plugins contributed to SEO adding more features to it which replaced the plugin.

The author last updated this eight years ago, adding security risks.

20. WP PageNavi Style

As the name, it defines WordPress Page navigation plugin. It is quite beneficial yet has limited functionality.

The developer updated the plugin three years back and now it has been added to the abandoned category.

21. SEO Friendly Images

This WordPress plugin updates the ALT and TITLE attributes of an image. Because of this limited functionality, it wasn’t favorable.

The author has not updated SEO Friendly Images for the past three years.

22. P3 (Plugin Performance Profiler)

This plugin’s useful for creating a WordPress profile of plugins’ performance in order to measure the impact on your site and its load time.

However, it lost it’s utility and was last updated two years ago.

23. Link Manager

As the name itself defines its purpose, this plugin’s aim is to manage URL links. Nowadays, it does not have other useful functionality as is categorized as an abandoned plugin.

It was lastly updated by the author five years ago.

24. Revision Control

This plugin allows the user to enable/disable/limit the number of revisions which are saved for the post/pages. Unfortunately, it was not that remarkable to be used and lost its functionality.

The developer had updated it two years ago.

25. PuSHPress

The function of PuSHPress was to deliver updates to subscribers. Its features focused on the PuSH. Now, it’s useless.

The author updated this plugin two years ago.

26. Platinum SEO Pack

Similar to the other plugins, it functions basically for SEO optimization. Being an outdated plugin, it is considered as an abandoned plugin.

The plugin was last updated four years back.

27. Menu Social Icons

This WordPress plugin’s focus is to transform social media website links into eye-catching icons. Later, with less updates, it lost it’s utility.

The most recent update by the developer was two years ago.

28. Cyr-To-Lat

Being able to convert languages rendered this redundant from WordPress’s repository. The developer released the latest update five years ago.

29. MCE Table Buttons

It was useful when WordPress introduced the table creation option in the visual editor. Later it was not updated by the author for three years.

30. Post-Plugin Library

This plugin’s not used anywhere else other than creating a short form code for different types of posts such as similar post, recent post random posts and so on.

The most recent update happened nine years ago and doesn’t seem to be useful now.

31. Clone Posts

This is a very simple plugin to clone the post and pages inside WordPress site. In regards to functionality, it wasn’t very effective to use.

The author updated it three years ago.

32. WP Page Numbers

It is aimed to provide page numbers to the post instead of links for easy page navigation.

However, it is an abandoned plugin as the most recent update by the developer occurred many years ago.

33. Facebook

It connects Facebook to WordPress site particularly. But with the advance social sharing platforms, this seems limited.

It was updated three years ago when I checked into it.

34. Upcoming Events

The main aim of the Upcoming Events WordPress plugin is to display aggregated upcoming events from the third party feeds and websites.

The developer released its last update ten years ago.

35. WooCommerce Table Rate Shipping Module

It determines the shipping rate on the basis of the cart product price. With the change in technology, this plugin’s no longer considerable.

The most recent update was released four years ago.

36. Growmap Anti Spambot Plugin

The main purpose of this WordPress plugin to add a client side generated checkbox in the comment section to verify the spam comments. Later, it was not found very useful.

The author last updated this WordPress plugin three years ago.

37. WP Robots Txt

This plugin adds a robot.txt file dynamically into the WP application. However, this plugin lost its functionality and was categorized as abandoned.

The most recent update occurred four years ago.

38. Google XML Sitemaps v3 for qTranslate

It generates an “XML Sitemap” which will help search engines like Google, Bing, and Yahoo to find your content, even compatible with multiple languages.

The last release of this WordPress plugin occurred three years ago.

39. Configure SMTP

This plugin’s focused mainly to send SMTP email via SSL/TLS. It was later abandoned as no new version was released since six years ago.

40. Get the Image

This plugin’s simply used to grab images for small blogs to very large enterprise level like WordPress.

The author last updated this plugin three years ago.

41. Croissanga

You need a Xanga account to use this plugin. By using this plugin you can add, delete or edit the posts directly from WordPress.

With the increasing functionality in WordPress plugins, it was replaced by Frontier Post plugin.

The most recent update happened ten years ago.

42. Pushit

The main purpose of this WordPress plugin is to provide a mobile interface to send the posts to your friends via email or SMS.

Later this plugin lost its popularity with the advanced social media.

It was updated eight years ago.

43. Social Dropdown

It provides a lot of social bookmarking options in a dropdown. However, this plugin lost its functionality and is considered as abandoned.

The last release was about nine years ago.

44. Babel

This is a very useful plugin as it allows the blogger to write their post in multiple languages. it lost it’s utility twelve years ago.

45. Widget Live Editor

The main functionality is to resize widget images and provide drag-drop framework.

It has been abandoned, as it has had no updates since three years ago.

46. WP Simple Sitemap

Unlike other Sitemap plugins, it does not display a link to the homepage or any categories of the posts.

This plugin’s too old to be used as it was updated nine years ago.

47. Spell Checker

It is a very simple plugin to remove spelling errors in the posts within the administration pages.

However, the author has made no updates to this plugins in the past twelve years.

48. SmartShare

This is an interesting plugin to add social share buttons using JavaScript.

With the advancement in sharing plugins, this WordPress plugin is now considered abandoned.

The most recent update occurred six years back.

49. WP e-Commerce Fat Zebra Gateway

This plugin provides a bridge between the WooCommerce and Fat Zebra Payment gateway, an Australian gateway method.

Later, with the advance secure payments procedure, this method was not recognized.

The plugin released its latest version five years ago.

50. TransDeluxe

This plugin’s simply used to translate your blog into 48 different languages.

This plugin hasn’t been updated by the developer since seven years ago, which adds security risk using it.

Wrapping up

Plugins are the most prominent part to boost site performance.

Next, when you evaluate plugins for improving your WordPress website this post will help you eliminate the risk of downloading the wrong one that is prone to brute force attacks.

Stay Updated! Stay Safe!

About the Author

Anil Parmar is the co-founder of Glorywebs, a custom wordpress website development company aiming to help clients with services like web design, digital marketing and more. Themes & plugins we develop have a common # 1 goal: Keep it as simple as possible for technical as well as non-tech geeks. Find him on Twitter @abparmar99 & say Hi!

Featured image:

wordpress plugins vulnerabilities

 

 

 

Image source: threatpost

Get More Killer Tips

Subscribe To Our Mailing List And Get Interesting Stuff And Updates To Your Email Inbox

Thank you for subscribing.

Something went wrong.

Select Language

Get more killer tips like these
in your inbox

Subscribe To Our Mailing List And Get Interesting Stuff And Updates To Your Email Inbox

Thank you for subscribing.

Something went wrong.