[xdude]

speaking of security . sometime the wordpress plugin can have a vulnerability . most of the time it is sql injection . wordpress itself doesnt gave the sql injection exploit but with the poorly written plugin it can . my empty wordpress site with some plugin built in for the template used to hacked for no reason . but the good thing is that there is also a SECURITY wordpress plugin

and yeah wordpress have rapid development because more developer are in . it is one of the biggest open source project and one that doesnt feel open source but it is open source . making the normies like it

Very true. But this is why people should take only those plugins in Wordpress Repository rather than from various sites. Also, people should check if the plugin gets updated regularly. I have been using Wordpress since 2008 or 2009 for all my sites and only once I had a SQL Injection. Even that was not from Wordpress but a server-level compromise at Godaddy. Those days I was using shared hosting.

This is a problem you easily avoid if you use plugins and themes from reliable sources. Also should keep everything up to date. Joomla haven't had this problem not only because their security but also there aren't too many extensions.