After dealing with wordpress for 3 months, I come down to realize how crappy it is, a great example on what a project can become without a proper goal and heavy reliance on 3rd party code.

Free? (Not quite)

Wordpress is free but it costs something more than money, time.
Even not considering the fact that most of the extensions will constantly bug you to buy their paid version. There is no standard for themes, or extensions or what sort of path they should follow. Each creator sort of glues everything together and then releases it and calls it a day. So you have to look hours to change part of a text, or a variable that the creator forgot to include in settings and you have to manually search for it and edit it.

Slow

Being slow is not something new, anything asociated with PHP will automatically get this feature for free. (Not that PHP is bad though, but wordpress is not optimized enough). A simple optimization and security testing is something every dev should do which is part of users RIGHTS, unless you are providing it as a beta and in a small scale form.
I’ve done improvements from gziping all the packages, minifying the code, avoiding heavy pictures etc… but it’s not as smooth as other proper websites.

Plugins, Plugins and Plugins!

For the most basic tasks you will need a plugin, a simple reset function requires a pluging, contact form is a pluging, SMTP for managing emails is a plugin, website migration is a plugin, and it continues. The devs could’ve at least copy-pasted some plugings in the core project.
This modularity automatically brings exploits, each plugin introduces a new exploit and then you are in trouble.

Open-source Morals

Why didn’t I write this as Open source rules? because it doesn’t contradict any. Morally open source projects should allow direct access of everything and take money for support or premium plans if you wish and not poke it into your eye everytime you install a plugin or a demo theme. This is not on devs but rather on the community.

Solutions?

As a felow smol web dev, I will still recommend it for small sites that don’t need extensions that much, but for anything beyond that avoiding it seems the best solution. I wrote this website of mine as a static page, it is not as good looking but it’s both fast, reliable and almost non-hackable.