Social Impact Leaders: It's Time to Ditch WordPress

WordPress powers most of the world’s websites. But today, there are much better options for social justice and climate action organizations. WordPress is bloated, unreliable, uses more energy than is needed to power a website, and was originally designed to fulfill a very narrow purpose: hosting a blog.

If you’re using a WordPress site right now, it’s worth assessing the benefits of investing in a more contemporary, right-fit set of digital tools.

Let’s look at WordPress, discuss its shortcomings, and investigate options that can help social impact leaders employ a more thoughtful digital strategy.

WordPress is a Blogging Platform, not a Content Management System (CMS)

We know, that’s a big claim. But stay with us for a minute. Yes, you can use WordPress to build out comprehensive websites (the Trump and Biden administrations both opted for WordPress in running whitehouse.gov). We’ve actually built out some fairly extensive WordPress powered sites in the past, which is largely what led us looking for better options in the first place. But once you try to build something that starts to extend beyond a basic blogging website, extensive modification is required.

There are some general patterns that websites in the social impact space follow. Whether it’s an Action Center or a Marketing Hub, you’re going to need several unique layouts and different types of pages to tell your impact story, give an overview of your site, engage users, and inspire action. Due to its underlying data structures, WordPress does not support this approach to web design at a foundational level. What serves social impact organizations best is a modern, flexible, and extendible CMS designed and configured to fit their bespoke needs.

Use the Right Tool for the Job

The WordPress schema (the data structure behind the site) was originally designed with essentially three sections in mind: the title, the content, and “post meta” (the author, the date it was published, and so on). The “content” section — essentially everything else on the page — was originally developed to very basic support paragraphs of text and images, when the web was a much simpler place.

Its schema makes WordPress fine for blogs. However, it’s a big lift when you set out to create scroll-stopping experiences that inspire visitors to take action. It means investing more time and resources into the creation of the interactions that attract and retain supporters and advocates and inspire them to take action on behalf of your organization and cause.

That hasn’t changed much since WordPress was originally released at the turn of the century. Support for static pages was built out after a couple of years, then custom post types, and more, but despite all of these innovations, the underlying data structure never changed. There’s still the same few fields: title, author, content, post date, category.

You can get around these constraints with plugins that add various page-building tools, but ultimately these plugins have “hacked” WordPress’s content-storage system to add this flexibility. Even WordPress’s new core Gutenberg content editor had to “hack” the data schema to accommodate drag and drop components common in most modern CMS’s. We’ll get into the challenges with Gutenberg more below, under Content Creator Challenges.

Bigger problems emerge when the developer of one of these plugins stops updating it. When this happens (and it happens a lot), you usually need to manually move all of this content over to another plugin, which you then have to also learn and wrestle with. Obviously, migrating your content to this new plugin requires additional investment of time and resources — and there’s no guarantee that the developer of the new plugin will support it over the long run.

What you end up with is pigeon-holed layouts built on fragile databases of content that depend on your plugin developer’s continued support. This poses a much larger issue, which we get into below.

Rapidly Abandoned Plugins, Themes, & Security Concerns

Many plugins and templates are abandoned shortly after release or after a few short years. This can open your site up to hacking as bad actors discover exploitable code. The problem has gotten so bad, WordPress’s parent company, Automattic, has invested in open source tools like WP Scan to help site admins track their security weaknesses.

In just one example, Gravity Forms has two integrations with Network for Good, a popular donation platform. However, neither of the two plugins have been updated in over three years. One plugin actually just takes the original code and tweaks it slightly, and it doesn’t support the current version of Gravity Forms, PHP, or WordPress.

The Gravity Forms problem is just one instance. This ecosystem of free and unmaintained plugins creates a situation where tens of thousands of sites have vulnerabilities. Today, more and more websites rely on obsolete plugins for core functionality that prevent them from upgrading to patched versions of other vital plugins. In many cases, this lack of updates mean no support for current versions of PHP itself. The result is that many users leave not just their websites open to exploit, but their servers as well — just to keep something simple, like their donation form, working. It’s a cascade effect that can leave your site vulnerable to bad actors in multiple ways.

In an attempt to wrangle these issues, some users install security plugins. Unfortunately, these rarely protect WordPress sites from plugin vulnerabilities and can pose risks of their own.

WordPress is Aging Poorly

Content Creator Challenges

We have hit a point when WordPress’s own development is split between WordPress Core (written in PHP) and Gutenberg (a mish-mash of PHP and Javascript / React). The left hand isn’t talking to the right hand, leaving content administrators with a frustrating editing experience and two (or more) design systems in the back-end.

For example – Gutenberg (WordPress’s new content editor that we mentioned above) has a completely separate versioning system and its changelog is so long that Github (a website and cloud-based service that helps developers store and manage their code) makes you download the raw version (coming in at a whopping 1.7 megabytes of text). Without getting too into the weeds, imagine a requirement that you actually read the terms and conditions of every product you use every time there’s a change or upgrade. That’s how much reading you’d need to do between major versions of Gutenberg to develop for it confidently.

As a result, WordPress is often not using the latest version of Gutenberg, and, if you opt into using the latest version of Gutenberg via their official plugin, you’re faced with version mismatches and more. As of this writing, Gutenberg is on version 13.8.2, WordPress is on 6.0.1. In just a few years, Gutenberg has had more than twice as many versions as WordPress has had in nearly two decades. There’s no correlation between the two versions even though Gutenberg is now WordPress’s official content editing interface (and many WordPress fans’ least favorite feature).

This disconnect between a core feature (Gutenberg) and the actual core code can be a nightmare for developers – which means more hours and a more expensive build-out. Developers have to build multiple versions of their components or rely on obtuse block frameworks.

The problem is so bad, Kinsta found that roughly half of all WordPress sites still have not upgraded to a version of WordPress using Gutenberg — a huge problem for maintainers who must continue to push out security patches for versions of WordPress that came out over five years ago — assuming these users trust the updates at all.

It should come as no surprise then that over 95% of Sucuri’s hacked site cleanup requests last year were for WordPress sites.