March 3, 2022

How to Safely Update WordPress Plugins

One of the main reasons WordPress is wildly popular is because of its plugin ecosystem. Plugins extend the functionality of a WordPress website beyond its basic blogging features. For that reason, plugins can be the operational backbone of WordPress websites.

Unfortunately, they need to be updated frequently.

WordPress provides an easy mechanism to update plugins from within the administrative dashboard. However, in some cases, updating a plugin can result in unexpected or even catastrophic behaviour. So, to that end, today, we’re looking at how to safely update WordPress plugins.

Why Are There So Many WordPress Plugin Updates?

Plugins are a never-ending responsibility. Some developers deploy new versions multiple times a month.

But why?

New Functionality

The first reason a developer may issue a plugin update is the introduction of new functionality. Plugin developers are always looking for ways to enhance their plugins with new features or to improve existing ones. This is just the nature of software and as consumers we’re always demanding more from the tools we use.


The second reason for a plugin update might be security related.  As the most popular Content Management System, WordPress websites are often the target of hackers and cyber criminals. Using automated bots, hackers search for websites using popular plugins with known vulnerabilities, in an effort to exploit those vulnerabilities for financial gain.

To thwart their efforts, developers are constantly testing their plugins for vulnerabilities. When they find one, they build a patch and issue an update.


Finally, as WordPress itself evolves as a platform and releases new versions, plugins may need to be updated – maybe to take advantage of new features or to remove references to deprecated functionality that is no longer supported by the platform. 

Why Not Just Use Automatic Updates?

In version 5.5, WordPress introduced the ability to automatically update plugins and themes. Site owners were now able to selectively enable auto-updates for plugins installed on their websites.

wordpress auto update feature

This is certainly a nice feature, and in many cases, automated plugin updates can be fine for minor changes. However, it can lead to problems for major ones. In worst-case scenarios — which aren’t that uncommon — a plugin update can unexpectedly break your website or alter functionality.

Imagine you’ve planned a big marketing campaign, all the advertising has been released, and on launch day, your site breaks because of an unplanned plugin update!

This is why taking time to update plugins in a controlled manner is a wise move. For ecommerce website or sites with considerable traffic, it’s a must. 

Of course, not every plugin update will result in a disastrous outcome.  However, taking a methodical approach to updating WordPress plugins will improve the reliability of your website and ultimately reduce costly outages.

So How Do You Safely Update A WordPress Plugin?

If automatic plugin updates aren’t the way to go, then how should you do it? Let’s dive in.

1) Wait, Don’t Rush

Deciding the right time to update a WordPress plugin is a bit of an art. Waiting too long can potentially lead to a security breach. However, blindly clicking the “update” button without fully understanding the impact is also a mistake.

For starters, new release versions aren’t always stable. Often, developers find bugs and issues after the initial update is deployed. As more websites update to the new version of the plugin, some might experience problems such as error messages, or compatibility with other plugins.  Those issues are reported back to the developer who will quickly fix the reported issues and deploy a new release.

So, wait a few days unless it’s a significant security issue.

2) Read the Changelog

Every plugin update comes with a Changelog, or release notes, explaining what was changed and why. It’s wise to read through these to determine if it’s a minor or major update – is it a simple change or does it have the potential to alter your site’s functionality?

For example, take the popular page builder Elementor. An overhaul of that plugin could fundamentally change your site’s design and functionality.

One way to gauge the impact of a new plugin release is to pay attention to the version number. Typically, version numbers are three numerals separated by a dot. The first number indicates the “major” update; the second number is the “minor” update, and the third number is the “revision.”

As an example, a version number may be 1.8.4, signifying that it’s the first major release, with eight minor tweaks and four less substantial revisions.plugin version numbers

As a general rule of thumb, major updates will have the most significant impact on the existing functionality of your website.  Those types of plugin updates – where the first sequence of the version number changes – should be thoroughly investigated before you go ahead with the update.

Where can you find the Changelog?

When a plugin has an update, the Installed Plugins page will highlight the update and include a “View version details” link. Clicking this link reveals the changelog and other relevant information about the plugin.

plugin update screen

3) Backup Before You Update

You’ve read through the Changelog, and now you’re ready to make the update. The next step is to take a backup of the site in the event that something goes wrong.

Backing up your website is easy.  If you don’t already have a backup plugin, go ahead and install one.  With many great options in the WordPress plugin repository, you might feel overwhelmed with all the backup plugins available. We recommend UpdraftPlus – it’s intuitive, easy to use and has over 3 million active installations.

Pro Tip:  In some cases, a plugin update might crash the site, preventing you from accessing the WordPress dashboard.  Make sure you have access to the backup files (through cPanel or FTP, for example) in the event you have to manually restore the website.

4) Test After You Update

Once you are done updating the plugins, immediately test your site. The scale and scope of testing will depend on the plugins updated.

For example, if you updated a plugin responsible for the contact forms on your website, do all the forms still work?

What if the plugin in question is a critical component of your ecommerce website? Do the cart and checkout pages still function properly?

Spending a few minutes testing your website after an update will save you from pain down the road.  It’s better to catch any issues now, instead of finding out later that some aspects of your website have not been working for weeks.

5) Hire a WordPress Maintenance Agency

Does all of this sound overwhelming? After all, new plugin versions are released often, so updating a site with many plugins can quickly morph into a time-consuming aspect of maintaining your WordPress website.

That’s why many businesses hire a WordPress maintenance agency, like WP Assist, to manage their websites. We have the expertise and tools to ensure plugin updates are performed safely and in a timely manner.

We offer competitive packages that includes timely WordPress updates, daily backups, enhanced security, improved performance and more.  If you’re ready to hand over your website responsibilities to a professional team of WordPress experts, let’s talk.

Join Our Newsletter

Stay up to date on the latest WordPress tips and news