What Does It Mean When WordPress Removes a Plugin?

Expect the unexpected.
Expect the Unexpected.

Just today WordFence notified me that the Feedburner WordPress plugin had been removed from WordPress.org. What does that exactly mean for you?

When a plugin is removed from WordPress.org it means either the plugin has been compromised, it does not work with current WordPress versions,  or that it has been abandoned.  Plugins cannot work with current  versions of WordPress if the plugin author is not doing regular updates.

WordPress.org polices their plugin archive and if a plugin may cause problems with new versions of WordPress they tag it. WordFence, which we use for security management of WordPress applications, scans the WordPress.org archive and advises us if plugins in use in a client WordPress installation are up to date.

There have been several instances lately where plugins dropped from WordPress.org had been used by bad actors on the web to send out malware and to spamvertise a website.

My rule is that if the plugin has been removed from WordPress.org, we remove it from our client sites. Find out more about this topic today.

Share