How to explain a bad WordPress Theme

Hi all,

I’m a theme developer and at work, we have taken over 3 sites for one client. Let me quickly list some things you should know about these sites

– Not up to date (Theme, Core or Plugins)
– The backend is a complete mess (35 headings on the left, I have to scroll on a 27″ iMac…)
– There are in total 63 different page templates
– Nothing is enqueued

Now, this theme is a pain to manage. I’ve been asked to add yet another page template (Which I don’t want to do, as I’m adding to the problem). I can’t update the site because it will 100% break. This site is calling to be hacked, and it will only be a matter of time.

The client has 10 bloggers in his business. Now, instead of showing each authors posts and bio on an author page, there is a separate page for each author, with a custom template assigned. The authors are entered as categories and I have to manually add author ID’s to the loop for the blog page, and create another page template for each authors individual blogs. Each author bio has been added via a CPT, which is pulled onto each page.

Basically their installation is a security incident waiting to happen. The client doesn’t get it, my bosses don’t get it, and I realllllllllly hate adding to the problem.

Can anyone give me some advice on how to approach this to my boss and likely the client?

Cheers,
Ash