Archived; click post to view.
Excerpt: WordPress is great. So are most other free and/or open-source applications. The only problem with these applications is that no matter how secure the other parts of your web site are, using such a popular application makes you an easy target for their widely circulated exploit scripts. There are lots of prying eyes on, say, WordPress. And exploiting popular open-source applications is interesting, because you get more bang for your buck. Upgrading helps, and of course we do it. But it still won't help for 0-day exploits, and it's not easy when you're managing…