Here's the live Plugin Risk Score for WPvivid — Backup, Migration & Staging by wpvividplugins, scored across five factors pulled from the WordPress.org Plugin API.
As of June 2026, WPvivid — Backup, Migration & Staging scores 87% — Low Risk — on Plugin Risk Score, based on five live signals from the WordPress.org Plugin API. Its weakest area is support responsiveness (poor support track record).
wpvivid-backuprestore
by wpvividplugins
WPvivid — Backup, Migration & Staging scores 87% on Plugin Risk Score, rated Low Risk. The score combines five live signals from WordPress.org: update recency, WordPress compatibility, active installs, user ratings, and support responsiveness.
WPvivid — Backup, Migration & Staging was last updated Jun 2026. Recently maintained.
WPvivid — Backup, Migration & Staging is tested up to WordPress 7.0. Compatible with current WordPress.
WPvivid — Backup, Migration & Staging reports 1M+ downloads. Widely used and battle-tested.
Every check pulls live data from the WordPress.org Plugin API. Each of the five factors below is graded green, amber, or red — worth 3, 2, or 1 points. We total them, divide by the maximum, and turn it into a percentage. 75%+ is Low Risk, 50–74% is Moderate, anything below 50% is High Risk.
How long it's been since the developer last shipped a release to WordPress.org.
Plugins that go quiet for a year or more typically aren't getting security patches. Three years without an update is effectively abandoned.
How recent a version of WordPress the developer has explicitly tested the plugin against.
WordPress ships major releases roughly every four months. A plugin that hasn't been tested against the current branch may break, conflict with core changes, or quietly fail on newer PHP versions.
How many live WordPress sites are running this plugin right now.
A large install base means real-world testing across thousands of stacks, and a higher chance someone has already reported any nasty edge case. Tiny plugins can be brilliant, but they get less scrutiny.
The average WordPress.org user rating, weighted by how many ratings the plugin has received.
Ratings expose what the changelog won't — frequent breakage, dark patterns, support that ghosts you. A handful of five-star reviews from a brand-new plugin isn't meaningful, so we flag low sample sizes amber regardless of the score.
The percentage of support threads in the plugin's WordPress.org forum that the developer has marked resolved.
It's the cleanest available signal that someone is actually behind the wheel. A plugin with a healthy install base but a dead support forum is a plugin you'll be debugging alone.
One nuance worth flagging: the Last Updated check counts double when a plugin is more than three years old. Abandonment is the single strongest risk signal, so we weight it accordingly rather than letting a healthy install base mask a long-dead codebase.
A score is only useful if it leads to a decision. Here's how we'd act on each verdict, based on a decade of cleaning up WordPress sites that didn't.
You're probably fine. A few habits to keep it that way.
Worth a closer look before — or instead of — installing.
Treat this as a real exposure and plan a way out.
Risk scores for some of the most-installed plugins on WordPress.org.
Guides on vetting WordPress plugins and dealing with risky ones.
A high star average on a WordPress plugin means less than you think. Here's how to read reviews properly and spot the patterns that mislead most site owners.
Active installs signal how battle-tested a plugin is — but the number is widely misread. Here's what the thresholds actually mean, and when they matter most.
The "tested up to" badge on every WordPress plugin page is widely misread. Here's what it actually tells you — and what to do when it lags behind.