Your WordPress version might not be the most glamorous aspect of your WordPress website. But, from a security standpoint, it’s one of the most important things to keep track of.
If your website is out-of-date and vulnerable to attacks, you could lose your customers’ trust and, eventually, their business. That’s why it’s critical to consistently check your version of WordPress.
The Importance of Checking Your Version of WordPress
Checking your version of WordPress is essential to keep your and your customers’ information safe. WordPress has several well-known security vulnerabilities that can be easily prevented by updating your WordPress version.
How? WordPress frequently releases security updates to patch vulnerabilities that cybercriminals love to exploit. Each new release details the problems that were found and fixed in the update. Therefore, it’s crucial to make sure your current WordPress version is up-to-date at all times. Otherwise, your site may become one of the tens of thousands of websites hacked every day.
On top of security fixes, WordPress updates also improve page speed and website performance, which are critical to engage and retain visitors. Plus, an outdated WordPress version can cause compatibility issues with themes and plugins. If you fail to consistently update your core installation and your add-ons, you could break your site.
How to Check Your WordPress Version
Check your WordPress administrator dashboard.
Search the web page source code.
Search the website RSS feed.
Check version.php via cPanel or FTP.
Check the readme.html file.
Ready to check your WordPress version? Try the methods below.
First, in the Dashboard view, check under the At a Glance widget. Within this box is your WordPress version and your active theme.
Alternatively, simply scroll to the bottom of this page or any page in your admin view. In later WordPress versions, you’ll see the version number in the bottom right corner.
If the At a Glance widget is disabled, you can also check your version under Dashboard > Updates. On this page, you’ll be told whether you have the latest version of WordPress or if you need to update.
Finally, you can view your WordPress version in About WordPress. Hover over the WordPress icon in the top left corner and choose About WordPress. This page details your WordPress version, including new features and contributor credits.
These all work well for admins. But, what if you’re not an administrator? Below are several alternative methods to check the version of your website without accessing the dashboard.
2. Search the web page source code.
The next way to locate your WordPress version is by peeking at the source code. On Chrome, pull up your website, then right-click anywhere in the window and choose View Page Source.
This displays the page’s underlying HTML in the browser.
Next, use your browser’s search function (likely control-F on Windows or command-F on macOS) and search for the word “generator”. If it hasn’t been disabled by the site administrator, you’ll see the following meta tag:
This tag signals that the website is built with WordPress CMS, and includes the version number in the content attribute. In the example above, the version is WordPress 5.8.2.
However, there’s a chance this technique won’t work since many WordPress websites use security plugins to hide this tag from public view, preventing hackers from detecting outdated pages.
If so, search the page source for the code “ver=”. You’ll probably see several search results for this code, so look only inside the tags that begin with link rel='stylesheet'. The numbers after ver= indicate the active WordPress version.
3. Search the website RSS feed.
All WordPress websites produce several RSS feeds by default, and you can try looking here for the version number as well. To view a WordPress site’s main RSS feed, paste “/feed” at the end of the website’s URL:
This displays the XML code for the RSS feed in your browser. With the feed open, search for “generator."
If tags with this attribute haven’t been hidden by the administrator, you’ll see your WordPress version. It should look as follows:
The version.php file in WordPress contains the version of its respective WordPress site. This is a more accurate indicator than viewing source code, since this number isn’t affected by the active theme or plugins. However, version.php can’t be opened through the front-end, so you’ll need to access your server files with a file manager or through a File Transfer Protocol (FTP) connection.
Many hosting providers use cPanel as the default file manager. If this is true for your host, log into your hosting account, navigate to your cPanel dashboard, and select File Manager.
Note: On BlueHost, you’ll find your file manager under “Advanced” options.
Once you’ve reached the file view, open the directory where WordPress is installed (typically public_html), then open a folder called wp-includes.
You should see your version.php file inside this folder. Open version.php in a text editor and run a search for the code “$wp_version =”. The number that follows this code is the active WordPress version.
If you prefer to access server files via FTP, use an FTP client to connect to your server to view your websites’ folders and files. Then take the same steps as above.
5. Check the readme.html file.
If none of the above techniques work, you can try one last-ditch method: accessing the readme.html file. This will only work on outdated versions of WordPress — the most recent versions have removed the version number from readme.html.
To open this file in your browser, place “/readme.html” at the end of a site’s URL:
If your site is outdated, you’ll see the WordPress version at the top of the file.
Which Version of WordPress Should I Have?
You should always have the most recent version of WordPress. If your website is not on the most recent version, update immediately.
Because WordPress launches multiple updates every year, you’ll want to double-check that you’re on the latest one. If you’ve enabled automatic updates, WordPress sends email notifications:
Look in your email to ensure you haven’t received an email of that sort recently. It’s always a good idea to stay on top of your WordPress updates and know which version your website is currently running. This helps protect your site from cyberattacks and cover up security vulnerabilities, and it also improves the efficiency of your code to aid performance.
Lastly, remember that the same is true for plugins and themes — outdated WordPress add-ons are among the most common entry points for WordPress hackers to access your private files. So yes, those little update notification icons in your admin panel might be annoying, but there’s good reasoning behind them.
Editor's note: This post was originally published in January 2021 and has been updated for comprehensiveness.
Originally published Nov 12, 2021 7:00:00 AM, updated February 04 2022