After doing some #pentesting of a #wordpress #website , I am surprised they do not get #hacked way more often to be honest: https://portswigger.net/daily-swig/wordp.. The entire use of the #database and lack of #caching by default seems to be quite an issue. You can #ddos an otherwise #static #website entirely off of the #internet quite easily.
Damn, I just found out that my old #domain #registrar was taken over by #godaddy - quite a #hostile and #political #domianname #provider https://www.wordfence.com/blog/2021/11/g.. Apparently their #wordpress has been #hacked ... The #passwords were #stored in #plaintext "or a format that could be made into plaintext" - damn. And this is why I write my own shit.