Why you should wait to update WordPress plugins and themes

I have used WordPress going on 10 years now. It’s awesome, and I couldn’t imagine myself working with anything else. However, just like with every platform, there are ways to go about forming what I call “good and safe” habits. Today I want to discuss a little bit about updating WordPress plugins and why I typically recommend users to wait before updating to the shiny new version.

Trust me, this will cause you less stress in the long run. 😉

Wait to update WordPress plugins and themes

We all love new and shiny things… and updates to our favorite plugins and themes are always exciting as sometimes they mean new features and capabilities. It’s very tempting when you log in to your WordPress dashboard and see pending updates just to click “update all” and move on. However, this is what I urge you not to do! ✋

WordPress updates available
WordPress updates available

Why? Because developers are humans, just like the rest of us. They sometimes make mistakes. Trust me, my brother and I develop our premium WordPress plugins, and there has been a time or two where we have pushed out bad code by accident, and then immediately had to push another update to fix it. I don’t care how big of a development team is behind a plugin or theme, plugins and themes will always be prone to humans errors.

What happens when a developer accidentally pushes out bad code? Well, for one, it can take down your entire site. Or it can simply break other functionality that you might not even realize until later. Here are a couple examples on plugins that I actually use that had issues this very month. I by no means want to single anyone out here, as it happens throughout the entire WordPress marketplace.

Plugin 1

This first plugin introduced some bad code that would actually freeze the media library. 😦

Plugin update freezes the media library
Plugin update freezes the media library

Plugin 2

This second plugin introduced some bad code that would actually cause a 500 error on your WordPress site. 😥

Plugin causes 500 error
Plugin causes 500 error

These types of bad updates actually happen a lot! I see patches to fix a patch multiple times per week.

My recommendations for updating plugins and themes

So what is the safest route to go? Well, here are my recommendations when it comes to updating plugins and themes on your WordPress site.

1. Look at the plugin/theme changelog

The first thing you should do is always look at the plugin and or theme’s changelog. This can be found within the “Plugin” update section in the WordPress dashboard. If there is a critical security update, then by all means, you should update it right away to ensure your WordPress site is safe. If there isn’t, I recommend waiting a week or two before updating.

Plugin changelog
Plugin changelog

Why wait? Because in almost 99% of scenarios if a developer pushes out bad code, if you wait a week or two, they will most likely have pushed out a fix and in essence, you can bypass all the problems altogether. This is less of a headache for you, your clients, and saves you time. In those 2 plugin examples I mentioned above, I didn’t update either of them within that time period and therefore, never experienced issues.

2. Use a staging environment

If for some reason an update has a feature or fix that you do need right away, then I strongly suggest using a staging environment to test with first(even for the smallest of updates!). Many hosts have staging environments now, so make sure you take advantage of them. This is what they are meant to be used for… testing.

WordPress staging environment
WordPress staging environment


The next time that shiny new plugin update comes around, ask yourself if you really need it today. If you don’t, and it isn’t security related, wait a week or two… trust me, you’ll thank me in the long run. I have been doing updates this way for a long time and almost never experience anything breaking anymore.

I would love to hear your thoughts on updating plugins and themes. What is your workflow? Let me know below in the comments. 👇

Get More Stuff Like This

Marketing, WordPress, Blogging Tips, SEO and Reviews, once a week.

Thank you for subscribing.

Something went wrong.

19 thoughts on “Why you should wait to update WordPress plugins and themes”

  1. This.

    The whole theme/plugin update dance is such an issue that we ended up baking it into the hosted/managed service we sell. We go so far as to prevent users from installing updates directly so we can test on staging installs before rolling out.

    The only real exception to that rule are emergency security updates.

    As for the workflow, we manage just over 100 installs all hosted on WPEngine. We update plugins via a proprietary deployment tool my Lead Tech Developer wrote to push themes and plugins out from a Git repo to each install: https://www.screencast.com/t/Rcapub31D3

    We can push updates on a per site basis or per element (i.e. any site with that theme or plugin assigned gets the update).

    This makes testing less time consuming but allows us to get the updates out ASAP once that process is complete.

      • I’m really happy to see more attention paid to this topic. While it’s a natural byproduct of successful open source software, anyone who has been a WP developer for more than five years has seen this become an increasingly tricky issue. I asked my Lead Technical Developer to write an article on the catch-22 of this where the other side of the coin is WP users who get one-off development projects and end up in update hell becasue no one prepared them for the notion of legacy costs: https://artshacker.com/update-pros-and-cons/

  2. Thank you for this great article, Brian. I wonder how do you find out if the update is a “critial security update”? Is in the changelog of that update written “critial security update”?

    • Usually just look for the buzzwords “vulnerability,” “security update,” etc… Anything regarding security you should usually always update as soon as you can.

  3. Hey Brian,

    I am yet to face a problem due to updates and I’m the kind of guy who instantly clicks on ‘update all’ button every other day.

    Thanks for the heads up and now I’ll try to read the update logs before updating. And it’s great that Kinsta provides staging environment.

  4. It’s kind of a catch 22 though Brian. You want users to wait to update a few weeks, but the only way developers know there’s a problem is if the code is tested in more environments other than their own where it obviously works for them. So if everyone waited a few weeks, then no one would be reporting problems back to the developer. Now, I don’t mean to say that users are the gueniae pigs for developers, but just that no matter how diligent developers are in having Unit testing and testing in as many environments and plugin/theme configurations as possible, there is an infinite amount of variations in any given WordPress site which makes complete testing impossible.

    My best advice is not to wait — because what if it’s a security patch?! Update in a safe environment, either locally or a live staging site. If you experience problems, report them immediately. Encouraging waiting actually defeats the purpose of safety and iterative improvement.

    • Hey Matt, thanks for stopping by. It’s definitely a catch 22 situation and yes… if users would actually use their staging environments then this wouldn’t be a problem. I rarely see users actually making use of development or staging sites which is a pity, because that is what they are designed for.

      I’ll make a little more emphasis on staging above :)

      • I wholeheartedly agree that using staging sites is the smart move, having said that, I’m not terribly happy about the idea of being an unwitting quality assurance agent for fee based themes/plugins.

        I volunteer as a release tester for GeneratePress and am happy to do so and for the plugins I develop, I offer incentives to users who are willing to test out release candidate versions.

        Having said that, all of my clients live inside a managed hosting environment that we control directly. So in those cases we automatically push those early release versions to their respective staging sites. All of which means much of the conflict points in this discussion topic are moot.

        For free/freemium themes/plugins, I absolutely agree users need to be willing to endure some pain points via serving as live testers. After all, it’s free and the user is benefitting from that model. Getting feedback from that user base has value to the developer so it’s a reasonable symbiotic relationship at that point.

  5. This is worth considering for plug ins – a pause at least.

    But what about updates to themes? Not so frequent
    but presumably updated due to similar issues eg security, compatibility.
    But in my experience most theme producers do not provide detailed change logs
    in the same way most plugin writers do. (or perhaps are required to
    do on the WordPress plugin support site)

    • You’re right Patrick, most themes I have seen also tend to not always have changelogs that are up to par with those of plugins.

      However, some do. I use the GeneratePress on this site and all my sites (https://woorkup.com/generatepress-review/) and the developer is great about publishing all changes. I think the key with themes is finding a good developer or team that creates it.

  6. Creating a staging site to test out new updates before deploying to production is the way to go. That is exactly my workflow.

    Great to see some needed attention to a topic that seldom get discussed.

    • Thanks Collins! Definitely a big problem, especially for those just starting to use WordPress. We should definitely be putting more emphasis on staging environments.

  7. Brian, as always, useful topic for a post. It has made me rethink some of my update habits.

    The one angle I didn’t see you explicitly address is the relationship between the WordPress core and theme/plugin updates. In my observations, one of the main recurring reasons themes and plugins update are in response to WordPress core updates.

    Again, your suggestion of monitoring the change logs applies to this as well, but I thought it was worth mentioning. If I do run into an update issue, it’s usually from a plugin that hasn’t been updated (either by the site admin or by the plugin/theme developer) in response to a compatibility issue with a WP core update.

    I think non-security updates for WordPress core are worth sitting on too for a few weeks in some cases to make sure plugins have a chance to push clean compatible code.

    • Thanks Justin!

      That is perhaps sometimes true, but then there are plugins like Yoast SEO that probably push out 50+ updates in between WordPress updates.

      But like you said, the reverse is also true. Sometimes plugin developers are the ones lagging behind. That is an even bigger problem lol. Oh the joy of using WordPress.

  8. I learned this the hard way and received the white screen of death.

    Great to see some ways to check before you update those plugins.

    Thank you, Brian.

  9. At Woody Creative, we manage more than 50 sites at WP Engine, and we have tended to update en masse with no real issues. If a plugin update caused a problem, it’s easier to roll back to yesterday’s automatic backup than it is to create Staging environments for all 50+ sites, update plugins in Staging, test, and then push Staging to Production. It might be a bit of a roll of the dice, but our clients are not willing to have us spend the time/expense to create all those Staging environments and do the testing (most are small biz owners). For larger clients or those who have more business-critical environments, we would treat them differently. My Two Cents!

Leave a Comment