This section explains how to rewrite the version to a higher value so that only certain plugins cannot be updated in WordPress.


How does WordPress determine plugin updates?

Each plugin folder always contains the following comment in some PHP program, indicating that it is a plugin. (Generally, it is often named plugin-folder-name.php)

Each time WordPress is run with this description, the WordPress itself recognizes the plugin itself and performs the function.

/**
 * Plugin Name: Custom Post Type UI
 * Plugin URI: https://github.com/WebDevStudios/custom-post-type-ui/
 * Description: Admin UI panel for registering custom post types and taxonomies
 * Author: WebDevStudios
 * Version: 1.14.0
 * Author URI: https://webdevstudios.com/
 * Text Domain: custom-post-type-ui
 * Domain Path: /languages
 * License: GPL-2.0 
 * Requires at least: 5.9
 * Requires PHP: 5.6
 */languages

If you rewrite the version of the plugin, it will not be updated.

Above.

* Version: 1.14.0

For example, the part “1.14.0” to

* Version: 9999

This will prevent WordPress from recognizing updates only for this plugin, and will prevent the administrator from being notified of updates and from updating the plugin. This will prevent WordPress from recognizing the update for this plugin only.

Please be aware of security!

While this method is effective in preventing updates from being applied only to specific plug-ins, it is important to note that plug-ins are rarely vulnerable, and it will not be possible to plug them with an update.

If possible, it would be safer from a security standpoint to prevent inadvertent updates from the WordPress administration screen using the method described above, while preparing a test environment where you can update plug-ins, check their operation, and adapt them to the production environment.

It is also possible to check for WordPress vulnerabilities and improve security with plug-ins.

Free WordPress:Malware Scan & Security Plug-in [Malware and Virus Detection and Removal].