intern3t wrote:i use drupal. does it mean its not the most secured?
well, it's not that easy, "not many flaws found so far" doesn't mean it's generally secure (and vice versa), you also have to see it in context with how widely used the software is.
Plone for example seems very secure when you look at the absolute numbers of flaws found....but Plone is used by only a very limited number of people compared to Wordpress and Joomla, and so it's not that interesting for potential attackers/exploiters who want to get access to as many sites as possible at the same time.
security is also not depending on the used platform alone, because a CMS is no "install and forget" thing...you always have to be after the latest updates and pick add-ons wisely (there are plenty of Wordpress plugins out there which are abandoned since years already, VERY bad idea to use such a plugin for example).
ph0bYx wrote:Looks like Wordpress isn't so bad after all.
personally I made no bad experiences with WP yet, and I have developed a LOT of WP sites and host even more of them....of course I provide an environment which offers extra security (I even host a few Joomla 1.0 sites which would be pwnd within 5 minutes without the server-level security features), so my experience of course differs from WP sites on poopy standard mass hosting.
