Your WordPress version might not be the most glamorous aspect of your WordPress website. But, from a security standpoint, it’s one of the most important things to keep track of.
WordPress frequently releases security updates to patch vulnerabilities that cybercriminals love to exploit. Each new release details the problems that were found and fixed in the update. Therefore, It’s crucial to make sure your current WordPress version is up-to-date at all times. Otherwise, your site may become one of the tens of thousands of websites hacked every day.
On top of security fixes, WordPress updates also improve page speed and website performance, which are critical to engage and retain visitors. Plus, an outdated WordPress version can cause compatibility issues with themes and plugins. If you fail to consistently update your core installation and your add-ons, you could break your site.
First, in the Dashboard view, check under the At a Glance widget. Among this information are your WordPress version and your active theme.
Alternatively, simply scroll to the bottom of this page or any page in your admin view. In later WordPress versions, you’ll see the version number in the bottom right corner.
If the At a Glance widget is disabled, you can also check your version under Dashboard > Updates. On this page, you’ll be told whether you have the latest version of WordPress or if you need to update.
Finally, you can view your WordPress version in About WordPress. Hover over the WordPress icon in the top left corner and choose About WordPress. This page details your WordPress version, including new features and contributor credits.
These all work well for admins. But, what if you’re not an administrator? Below are several alternative methods to check the version of your website without accessing the dashboard.
2. Search the web page source code.
The next way to locate your WordPress version is by peeking at the source code. Open your website in your browser, then right-click anywhere in the window and choose View Page Source. This displays the page’s underlying HTML in the browser.
Next, use your browser’s search function (likely control-F on Windows or command-F on macOS) and search for the word “generator”. If it hasn’t been disabled by the site administrator, you’ll see the following meta tag:
<meta name="generator" content="WordPress 5.6" />
This tag signals that the website is built with WordPress CMS, and includes the version number in the content attribute. In the example above, the version is WordPress 5.6.
However, there’s a chance this technique won’t work since many WordPress websites use security plugins to hide this tag from public view, preventing hackers from detecting outdated pages.
Alternatively, search the page source for the code “ver=”. You’ll probably see several search results for this code, so look only inside the tags that begin with link rel='stylesheet'. The numbers after ver= indicate the active WordPress version.
3. Search the website RSS feed.
All WordPress websites produce several RSS feeds by default, and you can try looking here for the version number as well. To view a WordPress site’s main RSS feed, paste “/feed” at the end of the website’s URL:
This displays the XML code for the RSS feed in your browser. With the feed open, search for “ver=”. If tags with this attribute haven’t been hidden by the administrator, you’ll see that the numbers following this code are the WordPress version.
4. Check version.php via cPanel or FTP.
The version.php file in WordPress contains the version of its respective WordPress site. This is a more accurate indicator than viewing source code, since this number isn’t affected by the active theme or plugins. However, version.php can’t be opened through the front-end, so you’ll need to access your server files with a file manager or through a File Transfer Protocol (FTP) connection.
Many hosting providers use cPanel as the default file manager. If this is true for your host, log into your hosting account, navigate to your cPanel dashboard, and select File Manager.
If you prefer to access server files via FTP, use an FTP client to connect to your server to view your websites’ folders and files.
Once you’ve reached the file view, open the directory where WordPress is installed (typically public_html), then open wp-includes. You should see your version.php inside this folder. Open version.php in a text editor and run a search for the code “$wp_version =”. The number that follows this code is the active WordPress version.
5. Check the readme.html file.
If none of the above techniques work, you can try one last-ditch method: accessing the readme.html file. This will only work on outdated versions of WordPress — the most recent versions have removed the version number from readme.html.
To open this file in your browser, place “/readme.html” at the end of a site’s URL:
With any luck, you’ll see the WordPress version at the top of the file.
Keep Your Site Secure and Up-to-Date
It’s always a good idea to stay on top of your WordPress updates and know which version your website is currently running. This helps to protect from cyberattacks and cover up security vulnerabilities, and it also improves the efficiency of your code to aid performance.
Lastly, remember that the same is true for plugins and themes — outdated WordPress add-ons are among the most common entry points for WordPress hackers to access your private files. So yes, those little update notification icons in your admin panel might be annoying, but there’s good reasoning behind them.
Originally published Jan 27, 2021 7:00:00 AM, updated March 19 2021