
When you include plugins and themes — which is a must because that is how WordPress gets used — the ecosystem as a whole is a security shitshow. Many popular plug-in vendors have abysmal security records. You don’t need to find a vuln in core WordPress to pwn installs.


If you haven’t actually tried to do something professional with WordPress, you might think this description is over the top. But it actually undersells how bad it really is.


To all the haters in this thread: Pull requests welcome. Till then, stop spreading FUD. WP security is fine.


No, you’re wrong! We’re going to implement our own custom CMS in Rust using WASM and deploy it to 5000 edge servers for our local brochure business website that needs a little bit of functionality and has a small budget with no technical experience.



