[Swiss-Cheese]

Perfect! Thanks so much, @robin-w for sharing your thoughts. The “Mature” plugin sentiment echos my thinking exactly, but I wasn’t 100% certain so I figured no harm done with asking. Thinking of the “mega work” to move from bbPress at our own site was behind my post! So appreciate your reply. It is good too having this thread available for anyone else with WordFence researching the same message. Thank you too for the warning about the theme choice(s). Good to know! I think I’ve already run across this issue.

[Swiss-Cheese]

Thank you @robin-w for your kind answer. I appreciate your time to look into this question and your diligence in answering people’s questions. It seemed this topic went in a different direction than I was expecting/asking, but perhaps I’m misunderstanding everyone’s answers? According to the security plugin WordFence documentation on their knowledge base it says the issue with bbPress is:

Plugin appears to be abandoned
This scan result means that a plugin has not been updated in 2 years or more. This can be a problem because it means that the plugin author has not made any changes for a long period of time. Sometimes that means it will not be fully compatible with newer WordPress versions, reported bugs may not be fixed, and new security issues might not be addressed.

The scan result also shows if this plugin has a known security issue that has not been fixed. If that is the case, it is recommended that you remove the plugin as soon as possible, and replace it with a different plugin if you need the same functionality.

There are two types of alerts for abandoned plugins, “Medium” and “Critical”. An abandoned plugin will generate a Medium alert. If the plugin also has unpatched security vulnerabilities, the scan result will be Critical. Plugins that are abandoned should be evaluated in terms of what risk they may pose. Unless you know that the code in the plugin is safe, you should start looking for a replacement. Plugins with unpatched vulnerabilities should always be removed.

When I read this guideline from WordFence and look at the bbPress website, as well as reading what WordPress says about it and what information about bbPRess displays inside my dashboard of the install, I’m not certain which instruction to follow. Should I consider it abandoned? Well, someone came here and answered my question named moderator and other people also visited this thread and commented who seemed to assume my question was a PHP compatibility question (i don’t know, is my question a PHP compatibility issue i’ve yet to discover?) so if people are actively reading a support thread that’s not “abandoned” in the sense people are here interacting still. But abandoned where coders who are behind the coding of bbPress watching developments and using the best security practices and applying them? I’m not certain and am not sure how to decide that info without posting again to ask. As a non-coding person I have no way of knowing without asking.

Is bbPress still in development, being monitored and updated by careful coders who look over it, or is the core code maintenance abandoned with some core enthusiasts who are still using it here interacting but not coders who know what’s what in the code? Unfortunately, I don’t read code. I am not a coder. So i have no way of knowing.