Developing a WordPress® site is often an iterative process. You try different layouts. You try different themes. You try different plugins. Then, you finally land on a configuration that meets your needs, is aesthetically pleasing, and performs reliably.
You then look in your admin panel and notice that there are a dozen different themes you’ve downloaded, as well as the six different social sharing plugins you tried before getting everything just right. But then you start posting articles and get into your groove and sort of forget about the cruft that’s sitting around.
Let’s be clear. There is no good reason to leave unused plugins or themes in your WordPress installation. Get rid of them.
Security is the main reason you should do this. From a security standpoint, a malicious individual might discover an exploit that leverages those unused themes and plugins. For example, in 2011 an image resizing utility called TimThumb that was included in many themes was discovered to be vulnerable to attack. If you had a theme that used TimThumb, it was susceptible.
In addition to the security aspect, removing unused plugins and themes helps in a host of other ancillary areas: reducing complexity and confusion when other people work on your site, reduction in the size of your backups, and perhaps even a nominal performance improvement.
Happily, getting rid of extraneous plugins and themes is straightforward. All are listed in your WordPress admin panel, and each can be deleted with a click. So go do it the next time you log in.
Bonus link: If you want to know the full performance impact of the various plugins in your WordPress installation, check out the Plugin Performance Profiler (P3) plugin by Kurt Payne. It will show you a graphical representation of how each plugin in your installation is affecting your site’s performance.