I’m not saying WordPress isn’t secure, but the perception seems to be
“WordPress is not secure”
It’s said in TechCrunch, it’s called out to Matt, JD of Get Rich Slowly had big trouble, and there are a lot of tips and tutorials. The Codex entry on Hardening WordPress is missing some stuff… but the perception keeps turning more and more negative. If it keeps up like this some other platform will come along claiming to everyone to be more secure than everyone else and a lot of people will migrate just because of that.
I feel to avoid this the focus of WordPress 2.7 should be security. We already have a stable and flexible platform to establish and maintain blogs, so now it must become a secure platform.