Even if WordPress is the most popular content management system from the Internet and has lots of advantages, it also has some disadvantages that can make you think twice if you want to use it for your website or not.
Each CMS has some improvements, updates and upgrades released in time that solves older bugs and comes with multiple new and various features, but some bugs remain unsolved for a really long period or are never fixed.
There are several WordPress bugs and disadvantages that you need to consider when you want to make a website with this platform: translation, security, bad programming, support, bad default configuration, source code, customization, updates and resources.
One of the biggest problems of WordPress is volunteers, there are a lot of them, and most of them don’t have the proper skills for certain areas of expertise such as translation. Anyone can be volunteer, you only need a WordPress account and you can start translating from English into different languages without any restrictions.
I have seen users who made poor quality translation from English to foreign languages, turning the easy to use dashboard into non-sense admin area.
In some of the WordPress versions, especially the newest one, translations are incomplete. By updating the system, you might end up having your website in both English and the other language you used before.
So if you need to build a website for a client who does not understand English, you rather do the translation and help the community out with your work, or you choose another method to make the website.
Security is a major problem of WordPress websites. Especially brute force attack is one of the main concerns. We talk about BFA, when someone tries to access the dashboard of your WordPress site or your FTP account by trying out different user names with different password combinations. If you choose a strong password and changed the default admin user name, you can reduce the chance to get hacked, but there is no guarantee that you will always win.
Another big security hole is represented by the third-party themes and plugins which are made by both professional development companies as well by individuals or even hackers. These files are verified, but sometimes the developers can hide fishy code that will not catch the attention of the verifier.
These security problems cannot be resolved just with updates. They need to pay more attention on the themes and plugins that are being updated and verify the users who are doing it. Employing highly skilled programmers and WordPress expert to review the code could be another solution, but as I told there will always be a hole somewhere.
While the core WordPress is developed by Automatic Inc, a professional web development company, who pay really close attention to details, most third-party plugins and themes are created by unskilled persons.
Not optimized code can not only slow down your site or cause errors, but can also be the back-door for a hacker to break into your site.
Lack of Support
Although the community is very active, and you will find answers to most of your questions, there are cases when you have to figure out things by yourself. The official WordPress support is represented by volunteer, plugin and theme developers, WP assistants or people from all around the world.
When buying a commercial theme or plugin, you will get a level of support from the company who sold it to you, but you might still have unanswered questions at the end of the day. You can also purchase WordPress support from different companies or buy guides to learn this system, but these are not cheap.
The default configuration of WordPress needs some adjustment by the user. Basically when you install WordPress to your site, you will have to make some adjustments.
For instance, you will have to activate SEF URLs for better SEO, so search engines such as Google can find your pages and content more easily. The visual editor might also cause problems for newbie users, because by default some important features are hidden, which the user have to figure out.
Although WordPress is updated frequently there are still parts in the core where old PHP techniques are used for global variables, functions, and classes. The naming of some functions is confusing and becomes frustrating sometimes.
WordPress produces bloated code with its WYSIWYG visual editor and you can easily see this when you write an article in the editor and then toggle to HTML editor where you can see the source code.
Some free themes and plugins have hidden codes and links to suspicious websites. When removing these codes, the theme and the whole website will stop working. In some cases the dashboard can also be affected, disabling you the option to change the theme or modify your site as you.
SQL queries are also hard to customize because you need knowledge of MySQL and PHP or you need to hire a web programmer to make your website in WordPress so it is better to make one from scratch without using any CMS.
Although the core is usually updated once a month, some plugins can have daily updates. Updating your plugins or theme every day can be frustrating. You don’t have to do it, but it is recommended.
However if you have already modified the theme or the plugins you are using, watch out, because the update will overwrite all your modified files. Will not create a backup or a copy of the files you have edited, so you will lose your modifications. In this situation you will need to live with the constant update notification.
Because the core WordPress and third-party extensions includes a high number of PHP functions and SQL queries, websites built with this CSM will require greater server resources.
There are problems regarding CPU usage and nobody seems to know the solution or even to identify the source of the problem. If you buy managed WordPress hosting, some plugins that are heavy resource consumer are banned. So you will not be able to install the necessary plugins to your site, because your hosting provider will not allow that.
Now, that I enumerated so many disadvantages of WordPress, you might think that it is a bad CMS. The fact is, that it is the best CMS around, and it is powering over 75 million websites world-wide. I always recommend WordPress for website building, even if it has some problems, because it is very simple to use and is free.
However there are still some cases when you should not use WordPress for your project: if you want to create a simple website, which does not need to be updated. In this case you can create the site in plain HTML and CSS. You should not use WordPress for sensitive projects that need high security. You should avoid using WordPress if you can’t afford a reliable web host.