|
|
|
|
|
|
by rrreese
758 days ago
|
|
|
>Quick judgments I think most peoples judgments have been formed over 21 years. WordPress initially gained a reputation for being a fast and easy way to setup a website, then gained a reputation for being a security nightmare. Maybe its not anymore but people are right to be sceptical. I sure do see a lot of CVEs in the weekly update I check - maybe they're all low risk, or relate to rarely used plugins. |
|
|
lots of non-tech users heard that they can use plugins X Y Z for fun and profit, so they started to use them, but no one told them that managing dependencies requires some skill or at least discipline; that the fact some 3rd party pluggable software exists doesn't automatically mean it's good, viable, maintainable and safe; and that things in IT don't work by means of cargo cult, copy-pasting without underdstanding and by crossing fingers. So, there was a fallacy: these people believed (and many believe until this day) that they can remain being non-tech users while maintaining their wordpress-with-plugins installation, but it's impossible; one needs to become tech-aware in the process.
I am not sure what WP community did to dissolve this fallacy; maybe they did something. maybe didn't.