I’m not sure if my question is appropriate here, apologies in advance but I am confused and need some helpful thoughts!
We were using this plugin for our site , which has recently been removed from the WordPress site, and replaced with a suggested alternative. The alternative is very expensive and beyond our budget.
My site recently got hacked, and some spam links were included in some of the plugin files, including this one.
As the plugin is no longer supported, and hence there won’t be any security updates, is this a source of vulnerability?
2 Answers
There is no definite answer as each plugin, whether available in a repo or not, should be handled on its own merit. Also, who says that that plugin caused your site to get hacked, it might have being a loophole in another plugin or even your theme.
Just in general, one should avoid using plugins and themes that are not actively being maintained as it does have an increased security vulnerability