Why do so many people think that WordPress is insecure? This is one of the top important questions and ongoing discussions in the WordPress space. And while lots of developers overestimate or underestimate WordPress security, many users couldn’t care less.
People simply don’t have time or wish to dig into all this security stuff and prefer (at least something!) to go with a security plugin only. Are you among them?