Iv seen that msg at the top of some plugin pages that says
This plugin hasn't been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.
I'm just wondering if some experienced WordPress developers could comment on this warning message and give us some general guidelines to follow.
Personally i tend to just simply avoid and not use a plugin that is not in active development and that doesn't have a decent number of reviews and downloads but i do have a few questions when i see this warning.
Sometimes i see this warning on a plugin but the support forum seems to be active and other places on the internet seem to be indicating that they use that plugin in tutorials and stuff.
Even if a plugin is fully updated it would be nice to know what experienced WordPress developers look for in a plugin when they decide to use a plugin instead of making one themselves.
I suppose what i really want to know is:
- Do out-dated plugins definitely pose a security risk?
- Is there a way to tell if a out-dated plugin has a security risk?
- besides compatibility issues, is there any reason or signs to look for that might make you decide not to use a plugin?
I know there is some inherent risk with Open Source software but Im interested in learning about and perhaps developing a guide to picking the best free and premium WordPress plugins.
My common sense tells me to steer clear of out dated and poorly rated plugins but I'd appreciate to hear some more specific advice/tips from the horses mouth so to speak, that i could use in writing a guide.