What’s the Problem with WordPress?
If you’re reading this, I assume you’re either a WordPress developer or user. Otherwise, you wouldn’t be here.
WordPress is the second-most-popular website platform, only behind Google. It powers 30% of the world’s websites and over 2 million new sites are launched every month. It’s safe to say that WordPress has an engaged audience.
Despite its popularity, WordPress has a very serious problem which could prevent your site from going live or even existing: Security.
A Vulnerable, Unsafe, and Unstable Platform
WordPress’ biggest weakness is the fact that it’s incredibly vulnerable to attacks from hackers and malware. This means that if you install WordPress on a computer, it’s highly likely that you won’t be able to access your site without having your computer compromised in some way.
To give you an idea of how vulnerable WordPress can be, the platform is regularly hit by cyberattacks, resulting in sites being taken offline, admin accounts being hacked, and databases being compromised. Most of these attacks are initiated from Russia, Thailand, and Brazil. The reason for this is that these countries have a lot of highly skilled engineers who are dedicated to finding vulnerabilities in WordPress’ code and exploiting them. (1)
The truth is that no matter what you do to prevent it, WordPress is still extremely unstable and full of holes. This is mainly due to the fact that it’s extremely popular, meaning there are a lot of people who want to get their hands on it and find vulnerabilities. In March 2020 alone, WordPress suffered from over 200 critical vulnerabilities, most of which were acknowledged by the WordPress team itself. (2)
With so many critical vulnerabilities in WordPress, it’s clear that the platform is not secure enough for use on a live site. Even now, six months later, there are still critical vulnerabilities in WordPress which have not yet been patched. (3)
A Threat to User Privacy
Another serious issue with WordPress is that it compromises user privacy. While WordPress protects your content (such as words or images) by encrypting them before storing them on the server, it does not protect your visitor’s information, such as where they come from, what device they use, or what browser they’re on.
The problem is that unlike your content, which you have full control over and can decide who sees it, your visitor’s information is sent to your server without their consent. This means that even if you don’t plan to use their information for marketing purposes, you’ve already authorized the collection of this data.
To put it simply, WordPress collects data on every visitor to your site, automatically and without their knowledge. This data is then stored on their behalf and used by third parties (mainly advertisers) for targeted marketing. (4)
This is likely because collecting and storing personal data is so cheap for companies compared to the effort and cost of securing a website against hacks and malware. And remember, as we’ve established, WordPress is very vulnerable to such attacks. (5)
An Aging Back-end and Overwhelming Support Requests
Finally, let’s discuss a problem that many WordPress users experience, but which the company doesn’t talk about: Bugs, glitches, and unexpected behavior. (6)
Every software program has bugs, these are unexpected behaviors or errors which occur during the use of a product. Sometimes these can be dangerous, causing issues that have to be manually resolved. (7)
WordPress’ biggest weakness is that it’s extremely difficult to use. When you compare it to other platforms and CMSs, such as Drupal or Joomla, it is, in fact, quite underwhelming. (8)
Despite this, WordPress continues to grow in popularity every year. Meaning more and more people are using it, resulting in an ever-growing number of support requests every month. Because of this, WordPress needs to improve its offering (faster load times, fewer bugs, etc.) while still maintaining its popularity.
To bring this article to a close, let’s discuss the various security risks associated with WordPress and why you should avoid getting hacked. Overall, unless you have a really good reason for using it, it’s best to stay away from WordPress.