And enough security holes and slack module programmers to make PHPnuke look like a challenge.
You're thinking of Wordpress.org. Wordpress.com is a slightly different thing (albeit based of the multi-user version of the same software).
And lets face it, all software has bugs. If Wordpress wasn't fundamentally good at what it does, it wouldn't have become as popular as it has. Alas that popularity brought some nasties with it. They seem to be getting on top of the security issues now, though.
