Plugins to Avoid on Shared Hosting

If you are reading this, I assume you are either an experienced WordPress blogger or manager and are therefore aware of the numerous security risks posed by unpatched vulnerabilities in 3rd party plugins. If that’s the case, then you’re probably wondering: ‘How can I be sure that my plugins are patched?’

The simple answer is: You can’t. That’s the unfortunate reality of running a WordPress blog or online store. You open yourself up to risk, even if you use the best plugins and security tools.

But it doesn’t have to be that way. Thanks to the hard work of the security community, Shared Hosting providers have listened to our cries for help and developed a range of services that ensure your plugins and other applications are always up-to-date. And by keeping your applications and website up-to-date, your business can breathe a sigh of relief and continue growing without worries.

Why Should You Avoid Unpatched Plugins?

The major issue with unpatched plugins is simply this: Without the security updates, your plugins will become obsolete. Once the vulnerability is patched, the plugin will become useless, and down-loading it could risk your blog or store being compromised.

The following are just some of the most popular plugins that are at risk of being out-dated due to unpatched security vulnerabilities:

  • Simple Security Notifications
  • Chrome Form Autocomplete Plugin
  • Akismet
  • Contact Form 7
  • Google Maps
  • WordPress SEO by Yoast
  • All In One SEO Pack
  • Revision 3
  • WooCommerce
  • Wise WordPress Theme
  • Maxcdn
  • WP-CLI
  • Contact Form Builder
  • AWeber
  • Gravity Forms
  • Buddha Theme
  • Divi Theme
  • CMS Block
  • MBool
  • Redux Framework
  • Elementor
  • WooCommerce REST API

What About Free Blogging Platforms?

If you’re looking to kick-start a WordPress blog (or online store), then there are a number of free blogging platforms out there. And while these might seem like a viable option for people looking for an easy way to blog, they come with some serious downsides. For example, when you need to update your plugins or applications, you’ll have to do it yourself. And if you’re tech-savvy enough to be updating your plugins and apps manually, then you’re probably skilled enough to handle a simple task like generating an RSS feed from your blog.

Ultimately, the best option is to use a managed WordPress hosting service. These platforms take care of updating your plugins and apps for you so you don’t have to. And they can scale with you so you don’t have to worry about resource usage as your blog grows.

Managed WordPress Hosting Services

Now, don’t get me wrong—there are a variety of unmanaged WordPress hosting services available online. But the problem with these is that you’re largely on your own. While some host platforms offer security updates via a CDN (content delivery network), you’ll still need to monitor security updates for your plugins manually. This is more than frustrating if you’re already using a managed WordPress hosting service, where this role is handled for you.

Fortunately, there is a solution. Even though you’ll be leasing out servers from a third party, you can rest assured that they are certified and fully vetted experts who are on hand to help whenever you need it. Just like that, you’ve cut the stress out of tracking down security updates for your plugins. Your WordPress-managed hosting service will do it for you.

Why is this important? Well, imagine you’re one of the millions of WordPress users who are blissfully unaware that their site is at risk of being hacked or crashes due to a vulnerability in a plugin. Perhaps they’re using an older or neglected plugin, or one that was poorly written in the first place. For whatever reason, when an unpatched plugin is loaded onto your site, it can be an easy target for hackers. And when that happens, it’s usually because they’ve tricked you into loading their code onto your site. Sometimes this can be as simple as putting a link in a tweet, others might try to hack your email to get access to your account.

The bottom line is this: Using an unpatched plugin represents a security risk that you can’t undo. Whether you use a free blogging platform or a managed WordPress hosting service, it’s best to avoid these because they could put your blog or store at risk. In other words, even though using a free blogging platform might seem like a viable option, remember that it’s not completely free. You’re still at risk, albeit to a lesser degree than if you used a proprietary platform.