As well as enjoying them with a cup of tea, we like using cookies on our website to allow us to remember who you are and show you things we think you’d like. For more information about how we use cookies, you can find out more in our privacy policy.

Sorry, Internet Explorer is no longer supported.

To visit Framework Design please donwload the lastest version of either Google Chrome, Firefox or Safari for the best experiece.

A illustrated dog-man sits in a fiery room with an expression like everything is fine although it is not fine

Why Staying Up to Date Could Save Your Website (and Your Reputation)

Word support repeated across a blue background

Why Staying Up to Date Could Save Your Website (and Your Reputation)

Paul

Paul

When a household name like Marks & Spencer suffers a data breach, it should make you sit up and take notice. For small businesses and organisations, it should feel less like a distant headline and more like a direct warning.

The truth is, vulnerabilities don’t care how big your brand is. They care how up-to-date your system is.

At Framework, we work with a variety of platforms, WordPress, Craft CMS, Drupal, and Statamic, and every one of them needs regular care. So let’s break down what’s current, what’s critical, and why PHP versions matter just as much in all of this.

CMS Platforms & Their Latest Versions (as of May 2025)

WordPress – 6.5.3

  • Minimum PHP version: 7.4
  • Recommended PHP version: 8.1 or 8.2
  • Risks if outdated:
  • Plugin vulnerabilities (the recent M&S breach was reportedly due to this)
  • Core exploits via old REST API flaws
  • Incompatibility with newer plugins and themes

Craft CMS – 5.1

  • Required PHP version: 8.2+
  • Risks if outdated:
  • Custom plugins relying on deprecated PHP functions may break
  • Known vulnerabilities in Craft 3 and early Craft 4 around user sessions and matrix fields
  • Admin panel exposure to brute-force attacks without recent security patches

Drupal – 10.3

  • Recommended PHP version: 8.1 or 8.2
  • Risks if outdated:
  • Known XSS and injection vulnerabilities in older versions
  • Poor handling of user roles and permissions
  • Limited support for modern PHP libraries and modules

Statamic – 4.39

  • Required PHP version: 8.1+
  • Risks if outdated:
  • Addon conflicts
  • Known bugs in control panel permissions
  • Broken forms, user auth, or content APIs due to stale packages

Why PHP Versions Matter Too

Upgrading your CMS but leaving your PHP version behind is like fitting new tyres to a car with a leaking engine. PHP versions receive security updates for a limited window, usually 2 years. After that, it’s open season for exploits.

PHP Lifecycle Highlights:

  • PHP 7.4 – Security support ended November 2022.
  • PHP 8.0 – Security support ended November 2023.
  • PHP 8.1 – Security support ends November 2024.
  • PHP 8.2 – Fully supported and stable.
  • PHP 8.3 – Gaining adoption; early adopters welcome.

Using unsupported versions is like publishing your vulnerabilities in a tech magazine and hoping no one reads it.

How Framework Can Help

  • We offer affordable upgrade packages tailored for:
  • Major and minor CMS version upgrades
  • PHP version compatibility checks
  • Plugin/module audits
  • Secure backups before deployment
  • Ongoing maintenance support

We’ve handled updates for national organisations, local councils, ecommerce shops, and everything in between. It doesn’t have to be painful, but ignoring it might be.

Final Thought

Websites are living systems. Leaving them unpatched is like never locking your front door, you might get lucky for a while, but eventually, someone will try the handle.

Let’s keep your website safe, fast, and future-ready.

Get in touch, before the next M&S story has your name on it.

Safe_Internet_Day-01

Stephan -

5 Top Tips for Staying Safe Online.

View

Christian -

Five Signs Your Website Is In Need Of An Update.

View
1691276110331

Christian -

Naming Strategy: X Marks the Spot

View
Our
Services.