{"id":171697,"date":"2018-04-27T13:00:03","date_gmt":"2018-04-27T13:00:03","guid":{"rendered":"https:\/\/premium.wpmudev.org\/blog\/?p=171697"},"modified":"2018-04-24T16:41:11","modified_gmt":"2018-04-24T16:41:11","slug":"is-that-wordpress-plugin-safe-15-warning-signs-to-skip-downloading","status":"publish","type":"post","link":"https:\/\/wpmudev.com\/blog\/is-that-wordpress-plugin-safe-15-warning-signs-to-skip-downloading\/","title":{"rendered":"Is That WordPress Plugin Safe? Warning Signs to Skip Downloading"},"content":{"rendered":"<p>Even the smallest and simplest of WordPress websites needs plugins. Akismet is a must if the site has a blog. A security plugin like <a href=\"https:\/\/wpmudev.com\/blog\/get-the-most-out-of-defender-and-maximize-wordpress-security\/\" target=\"_blank\" rel=\"noopener\">Defender<\/a> is non-negotiable. And a solid <a href=\"https:\/\/wordpress.org\/plugins\/forminator\/\" rel=\"noopener\" target=\"_blank\">contact form<\/a> is needed if you intend on collecting leads.<\/p>\n<p>For the most part, though, we know that these commonly used and referenced WordPress plugins are safe. They come with millions of downloads, high ratings, and plugin developers who\u2019ve worked hard to build a positive reputation in the community by creating error-free plugins and providing top-notch support.<\/p>\n<p>But what about everything else? How do you know if that seemingly popular WordPress plugin (that would really do wonders for your site) is safe to use? With plugins, unfortunately, being responsible for a high percentage of security breaches (<a href=\"https:\/\/www.wordfence.com\/blog\/2016\/03\/attackers-gain-access-wordpress-sites\/\" rel=\"noopener\" target=\"_blank\">Wordfence<\/a> last put that number at 55.9%), it\u2019s kind of scary to think that any decision you make to use one is a dangerous gamble.<\/p>\n<p>What I\u2019d like to do now is talk about how you can tell if a WordPress plugin is safe. Specifically, I\u2019m going to share the warning signs you should pay attention to that will let you know when it\u2019s best to skip downloading one.<\/p>\n<h2>Warning Signs That a WordPress Plugin Is Unsafe<\/h2>\n<p>I always feel bad having to put this advisory out there about WordPress plugins because, really, they\u2019re great. When they\u2019re coded well and properly managed, they can do wonderful things inside of WordPress. But that\u2019s sadly not always the case.<\/p>\n<p>Sometimes you get a plugin that was made by a newbie developer just hoping to make some money, but who didn\u2019t put the right amount of time into coding it. There are also times when you run into a plugin that <em>is<\/em> coded well, but an errant line of code conflicts with another plugin and tears your whole site down in an instant. And, of course, there\u2019s always the <a href=\"https:\/\/wpmudev.com\/blog\/do-you-know-why-hackers-are-targeting-your-wordpress-site\/\" target=\"_blank\" rel=\"noopener\">risk of a hacker<\/a> or <a href=\"https:\/\/wpmudev.com\/blog\/fake-wordpress-plugins-what-you-need-to-know\/\" target=\"_blank\" rel=\"noopener\">fake WordPress developer<\/a> getting their hands on it.<\/p>\n<p>So, this means you need to be extra vigilant about which ones you let inside&#8211;even if the original developer\u2019s intentions were good.<\/p>\n<p>In order to be diligent, you should know how to spot the warning signs of a bad WordPress plugin. First, start by using a system of checks to <a href=\"https:\/\/wpmudev.com\/blog\/determining-quality-free-wordpress-plugin\/\" target=\"_blank\" rel=\"noopener\">make sure the plugin is the right one<\/a> for your site. Then, you can start digging deeper to see if you can spot any of the warning signs.<\/p>\n<h3>1. The Plugin Repository Looks Odd<\/h3>\n<p>Let\u2019s start with where you\u2019re hunting down these WordPress plugins. For instance, say you were interested in finding a plugin that adds a feature that\u2019s not too commonplace. You do a Google search for the feature (like \u201cgender reveal plugin\u201d) and the top results point you to a number of independent WordPress developer websites that claim to sell a plugin that does just that.<\/p>\n<p>Some warning bells should be going off in your head, in that case. While it doesn\u2019t mean that the source of the plugin can\u2019t be trusted if you get to the site and it looks like it was built in the early \u201800s and there\u2019s no way to contact the developer except through an email address at AOL\u2026 well, that\u2019s a huge red flag.<\/p>\n<p>In general, always look for WordPress plugins that come from reputable sources. Start with:<\/p>\n<ul>\n<li><a href=\"https:\/\/wordpress.org\/plugins\/\" rel=\"noopener\" target=\"_blank\">The WordPress plugins repository<\/a><\/li>\n<li>Plugin marketplaces like <a href=\"https:\/\/codecanyon.net\/\" rel=\"noopener\" target=\"_blank\">CodeCanyon<\/a><\/li>\n<li>WordPress plugin developer sites like <a href=\"https:\/\/wpmudev.com\/projects\/category\/plugins\/\" target=\"_blank\" rel=\"noopener\">WPMU DEV<\/a><\/li>\n<\/ul>\n<figure id=\"attachment_208733\" class=\"wp-caption aligncenter\" data-caption=\"true\"><a rel=\"lightbox[171697]\" class=\"blog-thumbnail\" href=\"https:\/\/wpmudev.com\/blog\/wp-content\/uploads\/2018\/04\/wpmu-dev-plugins.png\" target=\"_blank\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-208733\" src=\"https:\/\/wpmudev.com\/blog\/wp-content\/uploads\/2018\/04\/wpmu-dev-plugins.png\" alt=\"WPMU DEV Plugins\" width=\"600\" height=\"284\" \/><\/a><figcaption class=\"wp-caption-text\">You can trust WPMU DEV plugins!<\/figcaption><\/figure>\n<p>If you start there, you\u2019ll greatly reduce the chances of running into a bad apple on your travels.<\/p>\n<h3>2. A Tarnished Developer Reputation<\/h3>\n<p>Next, look at the plugin developer\u2019s reputation. You don\u2019t necessarily need to know who the person is, where they live, what their educational background is, or anything like that (unless you\u2019re curious). What you\u2019re looking for here are red flags that tip you off to something not being right.<\/p>\n<p>Here are some of the warning signs:<\/p>\n<ul>\n<li>They are a brand new owner of the plugin and have no prior history as a developer, which might mean they purchased a somewhat popular plugin to use it as a vehicle to inject malicious code into websites.<\/li>\n<li>A Google search of their name doesn\u2019t pull up any results. Not even their own WordPress website.<\/li>\n<li>Or, a Google search of their name does yield results, but you see things like, \u201cDon\u2019t trust [developer name]\u201d or \u201c[Developer name] is a fraud.\u201d<\/li>\n<li>Clicking on their name in the WordPress repository or CodeCanyon marketplace pulls up a website that is seriously outdated and throwing up red flags of its own.<\/li>\n<\/ul>\n<div  class=\"wpdui-pic-regular  \"> <img loading=\"lazy\" decoding=\"async\" class=\"attachment-600x600 size-600x600\" src=\"https:\/\/wpmudev.com\/blog\/wp-content\/uploads\/2018\/04\/CodeCanyon-Author-Status.png\" alt=\"CodeCanyon Author Status\" width=\"600\" height=\"390\" \/> <\/div>\n<p>The nice thing about the CodeCanyon marketplace is that it provides statuses and awards for plugin authors based on sales, achievements, and ratings. So, if you\u2019re really worried about who the person or team is behind the plugin, you can look there for validation.<\/p>\n<h3>3. The Plugin Is Deemed Unsafe<\/h3>\n<p>Of course, you also should look into the reputation of the WordPress plugin itself. Like I said earlier, sometimes the developer didn\u2019t even mean to introduce bad code into the plugin or they were just too new to know any better. So, even if they have a squeaky-clean image, the plugin might not.<\/p>\n<p>There are a number of elements you can check that will help you verify the safety of a WordPress plugin, but for this one, I want to focus on explicit mentions that a plugin is not safe for use. This means going to Google and searching for words like \u201cunsafe,\u201d \u201chacked,\u201d and \u201ccompromised\u201d in conjunction with the name of the plugin. If you see any results that provide proof of safety concerns, walk away.<\/p>\n<h3>4. The Code Looks Suspicious<\/h3>\n<p>This one might not be the easiest to verify since not everyone knows how to write code for a plugin. However, if you\u2019re familiar enough with what the file structure and directives look like, you can at least check to make sure all the essentials are in place.<\/p>\n<p>You can use the WordPress Codex guide to <a href=\"https:\/\/codex.wordpress.org\/Writing_a_Plugin\" rel=\"noopener\" target=\"_blank\">Writing a Plugin<\/a> to do this. Remove the required code from the file and focus just on what remains. If anything looks suspicious, get out of there and find a new plugin.<\/p>\n<h3>5. Not Enough Downloads<\/h3>\n<p>In WordPress, you will be able to see the number of active installations:<\/p>\n<div  class=\"wpdui-pic-regular  \"> <img loading=\"lazy\" decoding=\"async\" class=\"attachment-600x600 size-600x600\" src=\"https:\/\/wpmudev.com\/blog\/wp-content\/uploads\/2018\/04\/Active-Installations.png\" alt=\"Active Installations\" width=\"600\" height=\"262\" \/> <\/div>\n<p>This is great since you\u2019re not just seeing how many people may have downloaded and later removed the plugin. It\u2019s the number of websites that currently have it installed, which is a good indicator of trustworthiness.<\/p>\n<p>Plugin marketplaces include numbers like total sales, which are good too, though you\u2019ll have to rely on other data to confirm that they really mean anything:<\/p>\n<div  class=\"wpdui-pic-regular  \"> <img loading=\"lazy\" decoding=\"async\" class=\"attachment-600x600 size-600x600\" src=\"https:\/\/wpmudev.com\/blog\/wp-content\/uploads\/2018\/04\/Total-Sales.png\" alt=\"Post image\" aria-hidden=\"true\" width=\"600\" height=\"304\" \/> <\/div>\n<p>In general, I would suggest avoiding WordPress plugins with less than 1,000 downloads. Really, you should want a higher number than that (probably more like 5,000), but sometimes that\u2019s not possible if it\u2019s a brand new feature that hasn\u2019t caught on yet or a plugin that handles something not commonly used.<\/p>\n<h3>6. Incompatible with the Latest WordPress Version<\/h3>\n<p>When scoping out WordPress plugins in the repository, there are two statistics you will want to look at as it pertains to the WordPress version:<\/p>\n<div  class=\"wpdui-pic-regular  \"> <img loading=\"lazy\" decoding=\"async\" class=\"attachment-600x600 size-600x600\" src=\"https:\/\/wpmudev.com\/blog\/wp-content\/uploads\/2018\/04\/WordPress-Version.png\" alt=\"Post image\" aria-hidden=\"true\" width=\"600\" height=\"403\" \/> <\/div>\n<p>The \u201cRequires WordPress Version\u201d will let you know how far back your WordPress version can go in order to work properly with the plugin. That said, you really should never be letting your site run on an <a href=\"https:\/\/wpmudev.com\/blog\/auto-update-wordpress-themes-plugins\/\" target=\"_blank\" rel=\"noopener\">old version of WordPress<\/a>.<\/p>\n<p>\u201cTested up to\u201d is the other field to look at here. This one will tell you if it\u2019s compatible with the latest and greatest core update. If it\u2019s not, but the last WordPress update recently went out in the last couple of days, give it a couple more. If the plugin hasn\u2019t updated to the latest version by then, skip it.<\/p>\n<p>And, if you see this message, run:<\/p>\n<div  class=\"wpdui-pic-regular  \"> <img loading=\"lazy\" decoding=\"async\" class=\"attachment-600x600 size-600x600\" src=\"https:\/\/wpmudev.com\/blog\/wp-content\/uploads\/2018\/04\/Untested-Plugin.png\" alt=\"Post image\" aria-hidden=\"true\" width=\"600\" height=\"250\" \/> <\/div>\n<h3>7. Not Updated Recently or Frequently Enough<\/h3>\n<p>It\u2019s not just important that a WordPress plugin has been updated recently. It also needs to be updated frequently.<\/p>\n<div  class=\"wpdui-pic-regular  \"> <img loading=\"lazy\" decoding=\"async\" class=\"attachment-600x600 size-600x600\" src=\"https:\/\/wpmudev.com\/blog\/wp-content\/uploads\/2018\/04\/Last-updated.png\" alt=\"Post image\" aria-hidden=\"true\" width=\"600\" height=\"369\" \/> <\/div>\n<p>In both WordPress and plugin marketplaces, you can find out how long it\u2019s been since the last update. Anything older than three months really shouldn\u2019t be used. That said, there are some plugins that are highly simplistic in nature and may not need much change with each new core release. So, three months is ideal, but one year should be the breaking point.<\/p>\n<h3>8. The Ratings Aren\u2019t Great<\/h3>\n<p>Ratings and reviews are really important in this day and age. Think of websites like Yelp or TripAdvisor that can instantly turn you off to a restaurant simply by showing you anything less than a four-star rating. The same happens with WordPress plugins and rightfully so:<\/p>\n<div  class=\"wpdui-pic-regular  \"> <img loading=\"lazy\" decoding=\"async\" class=\"attachment-600x600 size-600x600\" src=\"https:\/\/wpmudev.com\/blog\/wp-content\/uploads\/2018\/04\/Poor-Ratings.png\" alt=\"Post image\" aria-hidden=\"true\" width=\"600\" height=\"319\" \/> <\/div>\n<p>You can\u2019t tell me that this abysmal plugin rating doesn\u2019t make you instantly want to hit the back button. Even if poor ratings came from a time when the plugin was new and still in progress, that\u2019s still not a very good reflection on the developer or the tool.<\/p>\n<p>However, let\u2019s say you see the poor ratings, but you just can\u2019t believe that they\u2019re a valid warning sign since you\u2019ve heard so many people talk positively about the plugin. That\u2019s when you need to turn to the reviews people left alongside the ratings.<\/p>\n<p>What you\u2019re looking for here, specifically, are the dates that the bad ratings were left (as well as what was said). If you should find that all bad ratings occurred prior to 2015 and it looks as though everyone is really impressed with the latest iteration, the plugin may be worth installing. It may also be that the developer found a bunch of people to plant positive reviews, too. So watch out for a lot of entries that just say \u201cGood\u201d or \u201cGreat plugin\u201d. The WordPress community is usually more descriptive in their feedback.<\/p>\n<p>One other thing to consider here is how the plugin owner responds to negative reviews. WordPress is slow to remove negative comments because they believe &#8220;<a href=\"https:\/\/make.wordpress.org\/plugins\/2016\/05\/03\/handling-bad-reviews\/\" target=\"_blank\">the way you react to those poor experiences<\/a>\u00a0[comments] is going to impact your reputation, and that of your plugin, a heck of a lot more than that review.&#8221;\u00a0\u00a0That&#8217;s why it&#8217;s important to not only check what a reviewer says, but also the authors response. Did they offer to investigate and fix a fringe issue? Were they willing\/able to provide a patch? Was the bad review actually the result of misuse, user error or a conflict out of the authors control?<\/p>\n<p>Of course, if you see any reviews or comments that mention security concerns, walk away. That is non-negotiable.<\/p>\n<h3>9. Support Is Non-Existent<\/h3>\n<p>Even though you are a WordPress developer and have a good handle on troubleshooting within the CMS, you shouldn\u2019t have to figure out why your plugin won\u2019t install, doesn\u2019t work as promised, or has caused the white screen of death. When security is a primary concern, support needs to be there.<\/p>\n<p>So, it\u2019s really nice that we have this information easily at our disposal to peruse in WordPress. There are three things I would look for with this:<\/p>\n<ol>\n<li>Look at the percentage rate at which they actually respond to support requests.<\/li>\n<li>Read through some of the developer\u2019s responses to make sure they\u2019re actually helpful.<\/li>\n<li>Scan through the response dates. If the developer hasn\u2019t provided any support responses (or even comment responses) in the last three months, that\u2019s not a good sign.<\/li>\n<\/ol>\n<p>If support matters to you, don\u2019t let this one go unnoticed.<\/p>\n<h3>10. There\u2019s No Documentation<\/h3>\n<p>For some WordPress plugins, it might not make sense to write up a bunch of documentation on how to install or configure it. Screenshots might not be needed either if it\u2019s a set-it-and-forget-it kind of plugin (like Akismet).<\/p>\n<p>However, for plugins that require some work to get them moving or that tackle a highly technical function or feature, there need to be screenshots at the very least as well as documentation in case you have questions about it. If none are available, verify that it\u2019s not tucked away somewhere on the website. And if you\u2019re still at a loss, don\u2019t download it. It\u2019s the same as getting no support from the developer.<\/p>\n<h3>10. It\u2019s Too Big<\/h3>\n<p>Performance is incredibly important in WordPress, so you should make conscious decisions about what you put inside of it that could adversely affect its speed and, consequently, security. <a href=\"https:\/\/wpmudev.com\/blog\/the-slowest-wordpress-plugins-and-alternatives-to-try-instead\/\" target=\"_blank\" rel=\"noopener\">Slow WordPress plugins<\/a> are a problem, but sometimes it\u2019s just because of how bloated they are in size.<\/p>\n<p>When dealing in free WordPress plugins, I\u2019d advise you to download them to your desktop (rather than directly into your WordPress). Take a look at the file size. Can your server reasonably hold this with everything else that\u2019s already on there? If not, find something else.<\/p>\n<h3>11. It Doesn\u2019t Play Well with Others<\/h3>\n<p><a href=\"https:\/\/wpmudev.com\/blog\/wordpress-plugin-conflicts-how-to-check-for-them-and-what-to-do\/\" target=\"_blank\" rel=\"noopener\">WordPress plugin conflicts<\/a> can occur for a variety of reasons. Sometimes they conflict with other plugins and sometimes it\u2019s a theme or the WordPress core itself they just don\u2019t play well with.<\/p>\n<p>Again, do your research before you install the plugin to your site. See if the user comments say anything about known conflicts in WordPress. Google should be able to tell you the same.<\/p>\n<p>If you\u2019re feeling confident enough that the plugin won\u2019t cause your site harm, I\u2019d still recommend installing it on a testing sub-site. Just to be on the safe side. Having to deal with bringing your site back up online or fixing a broken feature on the site just isn\u2019t worth your time if you can verify the safety of the plugin that way.<\/p>\n<h3>12. The WPScan Website Says It\u2019s a Problem<\/h3>\n<p>The <a href=\"https:\/\/wpvulndb.com\/\" rel=\"noopener\" target=\"_blank\">WPScan Vulnerability Database<\/a> keeps a log of all known vulnerabilities (with corresponding dates) of WordPress plugins.<\/p>\n<div  class=\"wpdui-pic-regular  \"> <img loading=\"lazy\" decoding=\"async\" class=\"attachment-600x600 size-600x600\" src=\"https:\/\/wpmudev.com\/blog\/wp-content\/uploads\/2018\/04\/WPScan-Search.png\" alt=\"Post image\" aria-hidden=\"true\" width=\"600\" height=\"154\" \/> <\/div>\n<p>You can use the search function to locate the specific plugin you\u2019re interested in using on your site. This will instantly clear its name of any wrongdoing. I would also recommend signing up for email alerts. That way, if it (or any of your other plugins) should show up on the vulnerability list, you won\u2019t have to actively dig around for that information.<\/p>\n<h3>13. Your Web Host Says It\u2019s Disallowed<\/h3>\n<p>Did you know that web hosting companies will sometimes keep a list of disallowed or banned plugins? Usually, these have to do with plugins that overlap with the functionality they provide to users (like caching plugins), but that\u2019s not always the case. Sometimes they will outright ban a plugin with known security issues.<\/p>\n<p>Here are some examples of disallowed plugin lists:<\/p>\n<ul>\n<li><a href=\"https:\/\/getflywheel.com\/wordpress-support\/what-plugins-are-not-allowed\/\" rel=\"noopener\" target=\"_blank\">FlyWheel<\/a><\/li>\n<li><a href=\"https:\/\/www.godaddy.com\/help\/blacklisted-plugins-8964\" rel=\"noopener\" target=\"_blank\">GoDaddy<\/a><\/li>\n<li><a href=\"https:\/\/kinsta.com\/knowledgebase\/banned-plugins\/\" rel=\"noopener\" target=\"_blank\">Kinsta<\/a><\/li>\n<li><a href=\"https:\/\/support.pagely.com\/hc\/en-us\/articles\/201255990-Which-plugins-and-themes-are-allowed-\" rel=\"noopener\" target=\"_blank\">Pagely<\/a><\/li>\n<li><a href=\"https:\/\/wpengine.com\/support\/disallowed-plugins\/\" rel=\"noopener\" target=\"_blank\">WPEngine<\/a><\/li>\n<\/ul>\n<h3>14. Your Favorite Blog Says They\u2019re No Good<\/h3>\n<p>Actually, with this one, it doesn\u2019t even need to be that your favorite WordPress security blog says that the WordPress plugin is unsafe or no good. If the blog flat-out never mentions them as a trusted or secure plugin, then why bother using it? You trust these guys enough to read their articles on a regular basis, so you should have faith they\u2019ll steer you in the right direction.<\/p>\n<h3>15. Your Checkup Tool Indicates There Are Problems<\/h3>\n<figure id=\"attachment_208731\" class=\"wp-caption aligncenter\" data-caption=\"true\"><a rel=\"lightbox[171697]\" class=\"blog-thumbnail\" href=\"https:\/\/wpmudev.com\/blog\/wp-content\/uploads\/2018\/04\/health-check.png\" target=\"_blank\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-208731\" src=\"https:\/\/wpmudev.com\/blog\/wp-content\/uploads\/2018\/04\/health-check.png\" alt=\"Health Check &amp; Troubleshooting Plugin\" width=\"600\" height=\"269\" \/><\/a><figcaption class=\"wp-caption-text\">Health Check &amp; Troubleshooting Plugin<\/figcaption><\/figure>\n<p>Finally, use the Site Health feature (Tools &gt; Site Health) or a plugin like <a href=\"https:\/\/wordpress.org\/plugins\/health-check\/\" rel=\"noopener\" target=\"_blank\">Health Check &amp; Troubleshooting<\/a> or our very own <a href=\"https:\/\/wordpress.org\/plugins\/defender-security\/\" rel=\"noopener\" target=\"_blank\">Defender<\/a> to see\u00a0if there\u2019s anything suspicious going on with it.<\/p>\n<p>We suggest running a check of your site before installing a new plugin so you have a baseline to compare it against. If any security warnings come up after installation, you know what caused the problem. Delete the plugin and all its files immediately. And never look back.<\/p>\n<h2>Wrapping Up<\/h2>\n<p>A WordPress plugin can go sour in so many different ways, so you need to do your due diligence before you entrust any of them to your site. Then, you must keep on reviewing them to make sure they don\u2019t go off the rails while you\u2019re not looking. If you spot any of these warning signs, skip downloading that new plugin.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Even the smallest and simplest of WordPress websites needs plugins. Akismet is a must if the site has a blog. A security plugin like Defender is non-negotiable. And a solid contact form is needed if you intend on collecting leads. For the most part, though, we know that these commonly used and referenced WordPress plugins [&hellip;]<\/p>\n","protected":false},"author":344989,"featured_media":171909,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"blog_reading_time":"","wds_primary_category":0,"wds_primary_tutorials_categories":0,"footnotes":""},"categories":[4],"tags":[9974,10003,9976],"tutorials_categories":[],"class_list":["post-171697","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-plugins","tag-wordpress","tag-wordpress-plugins","tag-plugins-3"],"_links":{"self":[{"href":"https:\/\/wpmudev.com\/blog\/wp-json\/wp\/v2\/posts\/171697","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wpmudev.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wpmudev.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wpmudev.com\/blog\/wp-json\/wp\/v2\/users\/344989"}],"replies":[{"embeddable":true,"href":"https:\/\/wpmudev.com\/blog\/wp-json\/wp\/v2\/comments?post=171697"}],"version-history":[{"count":11,"href":"https:\/\/wpmudev.com\/blog\/wp-json\/wp\/v2\/posts\/171697\/revisions"}],"predecessor-version":[{"id":171911,"href":"https:\/\/wpmudev.com\/blog\/wp-json\/wp\/v2\/posts\/171697\/revisions\/171911"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/wpmudev.com\/blog\/wp-json\/wp\/v2\/media\/171909"}],"wp:attachment":[{"href":"https:\/\/wpmudev.com\/blog\/wp-json\/wp\/v2\/media?parent=171697"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wpmudev.com\/blog\/wp-json\/wp\/v2\/categories?post=171697"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wpmudev.com\/blog\/wp-json\/wp\/v2\/tags?post=171697"},{"taxonomy":"tutorials_categories","embeddable":true,"href":"https:\/\/wpmudev.com\/blog\/wp-json\/wp\/v2\/tutorials_categories?post=171697"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}