5 reasons WordPress is a risky choice for your business – The Business Journals

WordPress is a popular content management system — a web-based application for creating and managing the content of a website, including wikis, blogs and discussion boards.
WordPress offers thousands of themes that provide users with customizable options. It also gives users the ability to scale websites to their business needs by adding different plug-ins.
This ease of use and utility is why almost 30 percent of websites and more than half of all CMSs use WordPress.
There’s a distinction between and is a repository of open-source software that requires users to provide their own web hosting environment and some intermediate- to advanced-level web development skills. is a web hosting service that provides pre-made templates and themes. It sacrifices flexibility and customization for ease of use. 
Both sound like attractive options, don’t they? Except, they’re not. At least, not for everyone.
Any company thinking about using WordPress as its CMS should consider the following points before creating a new website and while reevaluating its current system.
In 2003, WordPress was originally an offshoot of another project, b2/cafelog. It used a database to manage blog content.
Back in 1998, I worked for a website development company that specialized in offering CMS and even e-commerce sites that ran off a database. Today, that concept is commonplace — due in large part to powers approximately 75 million blogs. Yes, blogs. Not dynamic company websites meant to convert visitors into customers or securely process transactions.
If you’re only looking for an easy-to-use personal blogging platform, by all means use Otherwise, there are other options that will better meet your company’s needs.
There are some technical factors to consider when you’re deciding how to power the digital face of your company. is a web hosting site. It provides the tools to create and manage the look and behavior of a website through directions it stores in code. That programming language (PHP) requires translation to HTML in order for it to load on viewers’ computers. This process slows down the load time of the webpages significantly, especially during peak usage. 
Trying to get around this issue by using the open-source Even WordPress acknowledges its software has a performance issue: “Although WordPress is fast, it does contain a substantial quantity of code that needs to be loaded each time a page is displayed. This may or may not affect performance depending on the hosting environment, but on a shared hoasting [sic] environment using SuPhp (and thus without op code caching) it can add several seconds to each page load.”
A slow-loading site means impatient customers will leave — after all, time is money. In fact, according to a StrangeLoop case study, a 1-second delay in page load time can lead to a 7 percent loss in conversions, 11 percent fewer page views and a 16 percent decrease in customer satisfaction.
And if that’s not bad enough, Google has started pushing slow-loading websites further down in its search results, leading to fewer clicks and views.
Plug-ins are extras added to a website to add function without completely changing the code that is already part of each theme and page template. There are more than 50,000 official WordPress plug-ins and tens of thousands of unofficial ones. These plug-ins do things like help your site run faster, record traffic, monitor screen comments, optimize keyword searches and more.
Why so many? Because the core software that runs WordPress is not designed to do all of those things. Each plug-in, even with the intent to make things run faster or safer or look cooler, adds bulkiness to your site. And worse — they add possible entryways for malware and hackers.  
The widespread use of WordPress means there are both good guys and bad guys who specialize in finding bugs in the base code or in the many plug-ins. There are even cleverly packaged plug-ins with malware already programmed inside. The bad guys know that if there’s a hole in a plug-in, it can be an open door for all kinds of nefarious activity. 
Unfortunately, many companies have experienced this kind of activity. For example, in 2010, thousands of companies using WordPress became targets in a pharma hack. This kind of attack is not readily apparent because it quietly loads webpages that promote pharmaceuticals, like Viagra and Cialis, under the main page’s directory. These webpages don’t appear to users; instead they exist for web crawlers to increase page ranks and directed ad traffic.
These attacks use multiple points of entry, are very hard to remove and have happened again and again in 2015, 2016 and 2017. Even as recently as February 2017, a similar attack of compromised plug-ins created a redirect that led visitors to websites that contained malware links or X-rated content. Google’s search engines, in turn, blacklisted these companies’ pages as websites containing harmful content. 
Want a final example of a WordPress plug-in gone rogue? Many suspect that the leak of the Panama Papers, which revealed unsavory and illegal financial activities that led to the downfall of some global political and financial leaders, was due – in part – to an un-patched plug-in meant to aid in sending emails. When one adds all of this vulnerability to the fact that only 22 percent of users run the most updated WP version, you create a hacker bonanza.
We all know that analytics is the name of the game these days. Understanding who visits your site, how they found you, keyword terms, click progression, time per page, fall-off rate, conversion rates and other metrics is critical for your marketing.
WordPress doesn’t have this kind of analysis software built in. Even one of its most popular plug-ins for analytics, Jetpack, doesn’t have the drill-down capabilities of Google Analytics or even other platforms designed for business lead capture and transformation. Data is a competitive advantage. Ignoring it because of inadequate website functionality is to your detriment.
Both and share the weaknesses mentioned above in varying degrees. For the company that needs speed, security, customization and detailed analytics designed into a corporate-level package, there are more reliable and sophisticated options. 
Companies should use commercially acceptable software for marketing automation. Explore paid tools like HubSpot, Eloqua, Marketo and Infusionsoft for your content marketing, marketing automation and website CMS. Axia uses HubSpot. We recommend it to our clients. 
These tools provide marketing integration, automation and analytics software. Ultimately, even as a paid solution, these tools saves time and money with all its integrated features:
When you’re buying these tools and services from multiple providers, including WordPress, the amount of time and money you spend is similar to what an integrated costs, yet your program and data isn’t integrated and the time to operate and connect each tool is substantial. 
Paid solutions might not be for everyone. There are dozens of qualified CMS and marketing automation systems available. Just don’t leave your company dependent on WordPress. It’s not a commercially viable solution in our experience.
© 2022 American City Business Journals. All rights reserved. Use of and/or registration on any portion of this site constitutes acceptance of our User Agreement (updated 1/1/21) and Privacy Policy and Cookie Statement (updated 7/20/21). The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of American City Business Journals.


Leave a Reply

Your email address will not be published. Required fields are marked *