SecurityCategory

Why you should remove WordPress themes and unused plugins

3 min read
Christopher Carfi
trash sign

Editor's Note: This article was first published on July 28, 2014. It was updated on October 28, 2018.

Developing a WordPress site is often an iterative process. Because WordPress is so flexible, you tend to try many different layouts, themes, and plugins. Then, you finally land on a configuration that meets your needs, is aesthetically pleasing, and performs reliably.

You then look in your admin panel and notice that there are a dozen different themes you've downloaded, as well as the six different social sharing plugins you tried before getting everything just right. But then you start posting articles and get into your groove and sort of forget about the cruft that's sitting around.

Let's be clear. You need to remove WordPress themes and plugins that are no longer active. There is no good reason to keep these unused assets.

Remove WordPress themes and plugins to improve security

Security is the main reason you should remove old themes and plugins. From a security standpoint, a malicious individual might discover an exploit that leverages those unused themes and plugins.

For example, in 2011 an image resizing utility called TimThumb that was included in many themes was discovered to be vulnerable to attack. If you had a theme that used TimThumb, it was susceptible. Back then there was a massive amount of themes using this utility and all of these were vulnerable.

It's easy to forget about old themes you tried and didn't use. But each one of these old and unused themes needs to be removed because each is an opening for security issues.

Remove WordPress themes and plugins to improve performance

In addition to the security aspect, removing unused plugins and themes help in a host of other ancillary areas: reducing complexity and confusion when other people work on your site, reduction in the size of your backups, and perhaps even a nominal performance improvement.

Any small improvement in website performance can and will help with visitor satisfaction. This means it is worth the time to do what you can to improve website performance. Deleting these old themes and plugins is a quick and easy way to assist in these efforts.

If you want to know the full performance impact of the various plugins in your WordPress installation, check out the Plugin Performance Profiler (P3) plugin by Kurt Payne. It will show you a graphical representation of how each plugin in your installation is affecting your site's performance.

Just make it happen

Getting rid of extraneous plugins and themes is straightforward. All of your WordPress themes and plugins are listed in your admin panel, so each one can be deleted with a click. It's fast, easy, and it's a great way to help keep your website fast and secure.

So go do it the next time you log in!

Simply head on over to the menu items listed as Appearance -> Themes and Plugins. Review the list of assets you have installed and take a few minuted to remove WordPress themes and plugins that are no longer in use.

Products Used