WordPress
WordPress scores 45/100. Consider migrating to: astro, nextjs, hugo.
11334 total CVEs on record. 387 critical severity. 23 actively exploited (CISA KEV).
Average performance. Room for optimization.
19,500 GitHub stars. 450 contributors. 8 releases in the last year.
Poor AI-readiness. Built for human-browser consumption. Bloated HTML output, plugin-injected content, weak or bolted-on API support.
Adequate developer experience. Established patterns but some friction.
High cost. Significant hosting, maintenance, and security patching burden.
4 confirmed vulnerabilities being actively exploited in real attacks right now. Source: CISA Known Exploited Vulnerabilities.

A New Plugin Lets Shopify Store Data Flow Into WooCommerce
July 9, 2026 · 4 min
WordPress 7.0 Was Supposed to Be the AI Upgrade. Six Weeks Later, Most Sites Haven't Installed It.
July 3, 2026 · 5 min
Next.js Overtakes WordPress on the High-Traffic Web
July 3, 2026 · 6 min
Your WordPress Scan Came Back Clean. You Are Still Exposed.
July 2, 2026 · 5 min
A Self-Hosted Laravel CMS Enters a Market Shaped by 18,000 WordPress CVEs
June 29, 2026 · 6 min