One of the questions I get most from WordPress Help readers is whether you can still use plugins that indicate that they have not been tested with the latest versions of WordPress.
In this blog many times there are(and will be) tutorials that suggest the use of a Plugin that, when you go to try it, the reader sees that there is a notice that if you look for it in the WordPress.org directory, it indicates that …
This plugin hasn’t been tested with the latest 3 major releases of WordPress. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.
And if you look it up in the plugin installer what it tells you is this:
Warning: This plugin has not been tested with your current version of WordPress.
As you may have discovered from the previous screenshots, the plugin is the same, but the message is different.
Why do I get the message that the Plugin has not been tested with the current version or the last 3 versions of WordPress?
Well, there’s no mystery here, and there’s no artificial intelligence involved.
Just that the WordPress.org directory and the installer look for a line of the readme.txt file of the Plugin, and if the compatible WordPress version indicated in it does not match any of the last 3 major versions of WordPress, they show the error message, different in each site.
That line, in the Plugin’s readme.txt file, looks like this:
Tested up to: 5.4.1
In fact, it is a line filled in by the same author of the plugin, and nobody checks if it is true.
For you to see how unimportant this is, I have even found Plugins that in their readme.txt indicate that it has been tested even with WordPress 6.0, so they don’t have to be changing this string so often.
But come on, as a Plugin author you have no excuse, the WordPress.org Plugin team sends automated emails to all Plugin and theme authors every time a new version of WordPress is released.
Here is an example of the email you receive, with lots of version information, and the status of the Tested up to: of your Plugins at the time
So what’s the use of that flashy sign, there, in bright yellow?
Well, to begin with, for one very simple thing: to know that the author of the plugin is a bit lazy, so lazy that he hasn’t even taken the time during the last year, to change that string in the plugin’s readme.txt file.
But don’t think it’s a small thing either, because a plugin author who doesn’t even care about his plugins probably doesn’t attend the forums either, nor does he check the security of his plugins, so in the end, he is actually indicating relevant details, don’t you think?
Will plugins that have not been tested with my version of WordPress work or not?
The short answer is … yes, you can usually use these plugins without problems, they usually work.
In fact, among my favorites I have several plugins with that message, which I use daily in several installations, and they work perfectly.
Note that there are plugins that are almost alien to the WordPress version, they work and will work almost always, because they rely on standard WordPress functions.
I myself have some plugins of mine in which the only thing I update is the well-known Tested up to: every time a new version of WordPress comes out, after checking that it works.
But is it safe to use plugins that have not been tested with the last 3 versions of WordPress?
The short answer is … no, and look where I contradict the previous point because although they are surely plugins that work, that nothing happens, it is never really good to use software poorly updated or not updated at all.
And note that in this case we are talking about something that happens only because the author of the plugin changes a text, but as I said before this is indicative of laziness, and you should not trust plugins that even the author doesn’t review from time to time, as a rule.
And how do you know if a plugin is safe to use?
Given all the above, which I hope has illustrated part of the culture of WordPress and its intricacies, the best method to know if a plugin is safe to install would be so:
- Install it in a test WordPress and check that it works, that it fulfills what you need. Mostly because otherwise what’s the point of starting to do more testing if it doesn’t do what you want?
- During the test installation with the Plugin installed and active, it passes a malware checker, like the one in Sucuri, to see if the Plugin code contains more than you expected.
- Check the plugin code for suspicious external calls, or any bad programming practices that could compromise your website. If you don’t have this knowledge, ask a WordPress developer.
- In the test installation, activate the WordPress debug mode to check if the Plugin generates errors in the installation.
- Check the Plugin’s changelog, to see what and when the latest changes were done, if any.
- Check the Plugin’s forum to see if the author has answered and fixed user problems with your Plugin recently.
- Look for recent feedback on the Plugin in forums and blogs, or ask other users at a local meeting place or WordCamp.
And nothing else, I think that would be enough.
I hope you’ve learned something that I consider basic when using WordPress, and that is to understand what those notices that come out when installing Plugins mean.
Many times it is assumed that the average user will know what these messages imply, but every day I discover that this is not the case, and I hope this article has shed some light on the matter.
Read this post in Spanish: ¿Puedo usar plugins que no se han probado con las últimas versiones de WordPress?