Check out the article from wordfence regarding abandoned and out-of-date wordpress plugins. There are thousands of plugins available on the wordpress repository. Their use can greatly amplify the usefulness of the wordpress platform. However, as the article points out, many have not been updated in years, and may contain vulnerabilities. It is best to stick with plugins that have been updated recently, and also have a wide user base. This is not to say that a plugin with only 50 users is problematic, but rather realize that it is untested. Find a plugin that has at least 1000 users, and furthermore, check out the feedback on the author’s site. If there is any doubt about a particular plugin, it is possible to search the vulnerability database for issues. If there are any plugins on your site that are found to have vulnerabilities or have been abandoned by the author, it is best to deactivate and delete them. Begin your search for another similar product, or do without. At the end of the day, the more plugins one uses, the greater the risk to the site. Deactivate and delete any plugins that are unused or unnecessary.