Another day, another WordPress vulnerability.

And people still justify using it 'because it's easy and simple for non-tech folks.' The non-profit world is _riddled_ with it.



Another day, another browser vulnerability

And people still justify using it 'because it's easy and simple for non-tech folks.' The non-profit world is _riddled_ with it.

Another day, another OS vulnerability

And people still justify using it 'because it's easy and simple for non-tech folks.' The non-profit world is _riddled_ with it.

Another day, another Android vulnerability

And people still justify using it 'because it's easy and simple for non-tech folks.' The non-profit world is _riddled_ with it.

Another day, another PDF/Flash/etc. exploit

And people still justify using it 'because it's easy and simple for non-tech folks.' The non-profit world is _riddled_ with it.

Another day, another security breach of a major non-WP website

And people still justify using it 'because it's easy and simple for non-tech folks.' The non-profit world is _riddled_ with it.


https://www.imperva.com/blog/2017/12/the-state-of-web-applic...

It's one thing to have periodic vulnerabilities in fairly central technologies that have few alternatives, and whose developers take those vulnerabilities seriously.

It's another to consistently choose a technology that has visibly and consistently thrown security to the wind, leaves its users totally vulnerable, and has no reasonable fixes; especially when far, far more secure alternatives exist.

So no, I don't believe any of those are valid equivalencies. WordPress is not the 'right tool' for any job. And PHP itself is also culpable in similar fashion.


Nonsense on stilts. More serious exploits are routinely found in everyday tech. This is not a serious exploit, a stock install of WordPress isn't vulnerable. The idea that WP somehow is especially complacent about security compared to other major software projects is just a trope.

I'm sympathetic to the idea that WP need not be exposed when a site can be delivered with static files. That's a fair argument that I agree with. But no one's advocating abandoning iOS or Windows or Android because if you install a certain app, or if you use a browser or open a certain type of file, you run the risk of exploits. To advocate throwing out the baby with the bathwater over a bug like this suggests you cherry-pick your concerns and/or have an axe to grind.


I am not aware of any serious vulnerabilities in an up-to-date WordPress site. Its security practices seem reasonable. Your link shows that most of the vulnerabilities come from plugins, plus WordPress is a big target.

WordPress is simple to set up, simple to use, and has a huge community. In the real world, it is often the best choice.


Except WordPress is almost completely founded on its plugins, so that's a non-trivial consideration. Specifically, if WordPress cannot provide proper abstractions, sandboxing, and protocols for plugins to be secure by default, the issue could be greatly reduced. As-is, its model both encourages such flaws to be included and provides its non-technical users with no viable way to identify which are likely to be vulnerable plugins.


Sandboxing would be nice, but I don't think it's practical. Do you know of any secure plugin systems that can replace WordPress?


The more time I spend in IT, the more I appreciate extreme simplicity. Sure, WordPress claims to be simple for the average user, but it's always what's under the hood that counts.


I'm all for actual simplicity, not a facade of simplicity over complex and inscrutable internals.


Totally. Switched my website to pure static pages about 3 years ago and haven't looked back. Good riddance.


So what should everyone be using instead? What’s as easy to get installed and running, and to update?


Lots of hosted alternatives making the rounds these days. One quick Google gives: https://www.elegantthemes.com/blog/resources/alternatives-to...


So what is a better WP alternative? Drupal?


Static site generators.

