Title: ¿Deactivated plugin insecure?
Last modified: August 20, 2016

---

# ¿Deactivated plugin insecure?

 *  [mastereklipse](https://wordpress.org/support/users/mastereklipse/)
 * (@mastereklipse)
 * [14 years, 6 months ago](https://wordpress.org/support/topic/deactivated-plugin-insecure/)
 * I had an unusual request from the personal who is hosting my site.
 * I found one plugin that caused a successful hack attack few days ago.
    After 
   I solved the problem I disabled it.
 * The technical supports is saying that is not enough.
    In his personal words:
 * “Unfortunately disabling the plugin won’t be enough as the files are still there
   and can easily be accessed by anyone just by browsing your plugins folder.
    At
   this point I would recommend replacing the plugin with another one, preferably
   one that is updated often so that these issues do not reoccur.”
 * Is this true? Is there a way that a disabled plugin represent a threat?
    Thanks
   you

Viewing 1 replies (of 1 total)

 *  [Samuel B](https://wordpress.org/support/users/samboll/)
 * (@samboll)
 * [14 years, 6 months ago](https://wordpress.org/support/topic/deactivated-plugin-insecure/#post-2369773)
 * > Is this true? Is there a way that a disabled plugin represent a threat?
 * definitely – if a file is on the server it’s still open to hacking

Viewing 1 replies (of 1 total)

The topic ‘¿Deactivated plugin insecure?’ is closed to new replies.

## Tags

 * [disabled](https://wordpress.org/support/topic-tag/disabled/)

 * 1 reply
 * 2 participants
 * Last reply from: [Samuel B](https://wordpress.org/support/users/samboll/)
 * Last activity: [14 years, 6 months ago](https://wordpress.org/support/topic/deactivated-plugin-insecure/#post-2369773)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics