> This is mainly because a front end developer can vomit into a PHP file and Wordpress will gladly display it.

This made me laugh, but it's, alas, very true. In WP's ecosystem, the code you find in plugins, themes and WP itself will just makes your eyes bleed.

Very true indeed. I've done maintenance on a few WordPress sites and every time i opened up a new theme or plugin i thought "this can't possible be as worse as the last one." Boy, was i wrong.

While in Drupal, you'll get a white-screen-of-death that can be hard to back out of...

Not if you don't have the stupid PHP filter installed (it was ripped out of core for the Drupal 8 release, praise be to the heavens; for those unfamiliar, it was basically <textarea> plus eval()) and you're using decent version control.

I can tell you from experience that WSOD is plenty achievable in Wordpress too.

it's moving further up the chain. it is not hard to find a graphic designer who fancy themselves as wp experts because they can copy pasta css, install a module or two and ftp it to $3/mo shared hosting.

but honestly that is what many clients want, make it look pretty and don't bore me with your "best practice" and "you need to apply 12months worth of critical security patch's" mumbo jumbo.