For over a decade, WordPress was the undisputed titan of the web, peaking at 43.6% of all websites globally in early 2025. By mid-2026, that market share had bled down to 41.9%. In an ecosystem comprising hundreds of millions of websites, a drop of this magnitude is not a mere statistical anomaly; it is a mass exodus. WordPress is no longer the default choice for web development. It has become a legacy system groaning under the weight of technical debt, community infighting, and an architecture fundamentally unprepared for the artificial intelligence revolution.

To put it bluntly:

WordPress is like a favourite uncle that used to be the life and soul of the party but now relies on strong medication and sits drooling in the corner.

We all remember how great it used to be, but pretending it is still a viable, modern powerhouse is an exercise in wilful delusion. Here is the unvarnished reality of why the platform is facing a terminal decline.

The Plugin Ecosystem Collapse and the Abandonware Crisis

The WordPress ecosystem was built on the labour of thousands of independent developers creating and maintaining plugins. For years, this was its greatest strength; today, it is a fatal weakness. That model is permanently fracturing.

Managing a modern WordPress site has turned users into part-time sysadmins, and building plugins has turned developers into underpaid, full-time debuggers battling constant compatibility issues. To build a standard business website today, an agency must stitch together dozens of disparate plugins—a Frankenstein’s monster of code written by different people, at different times, to different standards.

As developers realise they can pivot their skills to far more lucrative and interesting projects in the AI sector, popular WordPress plugins are being updated less frequently or abandoned entirely. This creates a terrifying “abandonware” crisis.

  • Silent Failures: A widely used plugin does not send out an alert when its sole maintainer takes a high-paying job at an AI startup. It simply rots in place.
  • Structural Liability: Core functionalities—from caching to e-commerce and SEO—are increasingly running on borrowed time, managed by ghost developers.
  • The PHP Burden: PHP, the underlying language of WordPress, is viewed by new developers as a relic. They are not learning it, meaning the pool of replacement talent is non-existent.

The “AI Wrapper” Grift: Milking a Dying User Base

For those developers still stubbornly investing time and money into the WordPress ecosystem, the financial reality is bleak. Organic traffic to plugin repositories has plummeted, and traditional yearly subscription renewals are haemorrhaging as users migrate away. In a desperate, feverish bid to plug these massive financial gaps, developers are flooding the market with a plethora of so-called “AI Tweaks.”

Do not mistake this for genuine innovation. A caching plugin does not need a generative AI module. A contact form does not require a proprietary chatbot.

What we are actually witnessing is the rapid proliferation of thinly veiled API wrappers. These “features” are really no more than a vehicle for generating token-hungry add-ons in an effort to bolster a declining income stream. Instead of addressing underlying code bloat or fixing legacy bugs, developers are slapping a clunky UI over a basic OpenAI or Anthropic API call and marketing it as a “Pro AI Upgrade.”

Site owners are being aggressively up-sold on recurring, token-based subscriptions to perform basic tasks—like generating meta descriptions or rewriting standard text—which they could do for free in a separate browser tab. It is a parasitic monetisation model. These token-hungry bolt-ons do nothing to improve the core functionality of the website; they merely add another layer of external dependency, slow down the server, and squeeze the last drops of revenue from a captive audience too intimidated to migrate to a new platform.

The New Security Threat Matrix: No-Guardrails AI

Abandoned plugins are the first vulnerability; the weaponisation of artificial intelligence is the second. Historically, exploiting a WordPress vulnerability required specific expertise, manual effort, and time. Today, the proliferation of open-source, no-guardrails AI tools has democratised cyber-warfare, shifting the balance of power permanently to the attackers.

Bad actors are currently leveraging unrestricted AI models to parse massive repositories of outdated WordPress PHP code, identifying obscure vulnerabilities at an unprecedented scale. In 2025 alone, over 11,000 new vulnerabilities were recorded in the WordPress ecosystem—a 42% year-on-year increase.

Threat VectorTraditional Era (Pre-2023)AI-Driven Era (Current)
Exploit DiscoveryManual code auditing and trial-and-error.Automated, continuous algorithmic scanning of source code.
Attack ScaleTargeted attacks or slow-moving botnets.Simultaneous, mass-generation of zero-day exploits.
Response TimePatches developed in days or weeks.Exploits deployed in a median time of 5 hours.

These AI systems can write and deploy payloads for thousands of abandoned plugins simultaneously. With fewer active developers remaining to patch these vulnerabilities, the WordPress ecosystem is fundamentally outmatched by the speed, scale, and sophistication of AI-generated attacks. The platform’s open-source nature, once a badge of honour, is now a highly accessible roadmap for autonomous malicious agents.

The Ticking Time Bomb and Exponential Decay

How long will it take for WordPress to actually die? The decline will not be a slow, steady, linear slide spanning decades. Technology adoption curves do not work that way. The collapse will be exponential.

Currently, the decline is a trickle: early adopters and agile agencies migrating to newer, headless, or AI-native architectures. But the foundation holding the remaining 40% of the web together is fragile. The sheer volume of technical debt and unpatched code makes a catastrophic failure practically inevitable.

It will only take one major exploit—a zero-day vulnerability in WordPress Core or one of the top five ubiquitous plugins (like WooCommerce, Elementor, or Yoast)—to trigger a stampede. Imagine a scenario where an AI-generated exploit bypasses firewalls and simultaneously infects millions of sites with ransomware or aggressive SEO spam, and there is no developer community robust enough to issue a patch within that critical 5-hour window.

The moment a vulnerability of that magnitude goes public and causes unmitigated financial damage, the narrative will instantly flip from “WordPress is an industry standard” to “WordPress is an uninsurable liability.” Agencies, terrified of client lawsuits, will race to abandon the platform. Enterprise clients will demand immediate migrations. The trickle will become a flood, and the market share will freefall.

The Rapid Rise of AI Web Development Tools

Clients no longer want to manage the bloat of WordPress. The rapid rise of AI-driven web development platforms has completely altered market expectations, rendering the traditional CMS model obsolete. Modern AI web tools can generate fully responsive, secure, and bespoke websites in minutes.

Where WordPress demands a punishing initiation ritual—requiring constant server tweaking, database optimisation, and the ever-present fear that a single plugin update will irrevocably break the cascading style sheet (CSS)—AI platforms offer frictionless deployment.

Why the Market is Pivoting:

  • Zero Maintenance: No databases to corrupt, no core files to update, and no plugin conflicts to resolve.
  • Instant Iteration: Instead of fighting a clunky visual builder like Gutenberg or Elementor, users simply prompt an AI to redesign a layout in seconds.
  • Inherent Security: Flat-file architectures generated by AI eliminate the database-driven attack vectors that plague WordPress.

The Great Pivot: From “Designers” to “Deployers and Optimisers”

For traditional web developers and agencies clinging to the old business model, the writing is not just on the wall; it is flashing in neon. The era of charging thousands of pounds for a bespoke “web design” built on a WordPress foundation is over. The very act of designing a website is rapidly becoming commoditised—reduced to a task that anyone with an internet connection can accomplish in a few minutes for free, or for a negligible monthly subscription.

Yes, there will always be a segment of the market—business owners who feel they lack the time, the inclination, or the baseline technical literacy to generate a site themselves. But make no mistake: this is a rapidly diminishing pool. Building a business model around the technological ineptitude of your clients is a strategy with a definitive expiration date.

The agencies that survive the death of WordPress are those pivoting aggressively away from “design.” The new value proposition is not creating the visual asset, but operationalising it. The demand has shifted from “build me a website” to “make this AI-generated site live under my custom domain, ensure the DNS routing is secure, and make sure it actually ranks on Google.”

Forward-looking agencies are already adjusting their offerings. They are rebranding from “web design studios” to “digital deployment and AI-optimisation consultancies.” Their recurring revenue no longer comes from patching outdated PHP plugins or fixing a broken slider. Instead, they charge for keeping AI-developed sites contextually fresh, managing complex integrations, deploying autonomous marketing pipelines, and playing the endless game of search engine optimisation against AI-generated competitors. The future belongs to the deployers and the optimisers; the traditional “designers” are going the way of the typesetter.

Distraction at the Core

The future of WordPress Core is equally bleak. The platform relies on a heavily patched, two-decade-old architecture. Modernising it requires immense, focused developer resources. However, top-tier engineering talent is continually distracted by the shiny, high-paying possibilities of AI and machine learning.

The visionary developers who would traditionally contribute to modernising WordPress Core are migrating to frameworks and technologies that represent the future. They are building Large Language Models (LLMs), neural networks, and generative design tools. This brain drain leaves WordPress with a shrinking pool of talent to manage an increasingly outdated codebase. As the technology sector sprints forward, WordPress is being left behind, maintained by a skeleton crew of traditionalists while the innovators build elsewhere.

A Contentious Civil War

Beyond the technical decay, the platform is suffering from a catastrophic leadership and governance crisis. The highly publicised legal and public relations war between Automattic (the commercial arm behind WordPress.com) and WP Engine (a major managed hosting provider) that erupted in late 2024 has irreparably shattered community trust.

WP Tavern

This conflict saw the unprecedented weaponisation of the central WordPress.org repository. The fallout was devastating:

  • Access Revoked: WP Engine customers were blocked from accessing vital plugin and security updates.
  • Hostile Takeovers: Widely used tools, such as the Advanced Custom Fields plugin, were forcibly seized and forked by the WordPress.org leadership. WP Engine
  • Ideological Pledges: Mandatory loyalty pledges were implemented for community contributors, suffocating open-source collaboration.

The resulting mass employee resignations at Automattic, multi-million dollar lawsuits, and the alienation of enterprise clients sent a clear message to the corporate world. When the custodian of an open-source project leverages its critical infrastructure to punish competitors, enterprise trust evaporates permanently. Corporations are now actively migrating away to mitigate the risk of being caught in the crossfire of an eccentric founder’s vendettas.

The Final Verdict

WordPress will not vanish overnight. Like our heavily medicated uncle, it will linger, sustained by sheer momentum and the reluctance of massive institutions to undergo the pain of migration. However, its era of dominance has definitively ended. The toxic convergence of an exponential decline, desperate token-hungry monetisation tactics, the looming threat of a mass-casualty security exploit, the commoditisation of web design, and a bitter civil war has fundamentally compromised the platform. The web is moving on, and it is leaving WordPress behind.

WordPress is dying a slow and painful death find out why and how

So, you’re about to take the plunge and start a new kit.  This might be your first or perhaps, like many, you’re returning to the hobby after a long layoff.  Whatever your situation, this guide will give you some invaluable tips, tricks and techniques to get you started or re-started.  What’s more, I update this article regularly, so do pop back from time to time.

Welcome back

If you’re brand new to the hobby, you can skip this section, if you like but for now, let’s assume you’re returning perhaps for the first time since you were 8 years old!  Back when you were young, plastic modellers had few options.  There were Aifix and Revell kits, Humbrol or Revell plastic cement and enamel paints.  That was about it.  Today though, you’ll be overwhelmed by the available options, the specialist tools, acrylic paints from a dozen or more manufacturers and about the same number of options for glue, not to mention something called “weathering” which has opened up the market for another huge range of products – all designed to part you with your hard-earned cash.