Today I read a notification about WordPress 5.2.4 release. Then, when I open up my e-mail, I see an e-mail that says they’ve updated my blog from 5.2.3 to that 5.2.4.
The question is not whether you should upgrade or not. Ideally, you must. Easier said than done, I know.
Still curious about what’s new in this update, I head to its news page. There are six security patches. Two of them address the XSS problem.
I imagine. If an update from 5.2.3 to 5.2.4 addresses six security holes, what if there’s a WordPress site that missed the several updates? How many security holes it has?
What about those who choose to stay at 4.9 because they don’t want Gutenberg? What about the others who choose to switch to ClassicPress?
Some months ago, when I still hate Gutenberg editor, I even considered to stop the WordPress update and make it stay on version 4.9.
I am grateful I choose to learn more at that time. Not only that, but I also set most of the WordPress sites I manage to have auto-updates enabled.
Trust me. Delaying any update on your WordPress is like piling up debt. Yes, I mean it literally: technical debt. At some points in the future, you must pay for it.
You may delay to deal with it for now and save some hours. But with more and more updates are coming, you’ll get far and far behind. You can stay as long as you can until you have no choice but to catch up: updates the WP to its latest version and update or adjust all the customizations you’ve made.
Therefore, if you just begin, be sure to use the latest WP version. Be mindful of all the customizations you make. Always try the best practice as much as you can. It may delay you in the beginning but it will be a great benefit in the long run.
At last, let’s help to keep the web realms a safer place for everyone, right?