For quite a long time I have had problem with the wordpress platform because it is so widely used. It is prone to being hacked and that seems to be a problem with opening comments and also installing of plugins.
You can use webcruiser to check for vulnerabilities but well your web host/security plugin might also try to ban your ip/etc after a while because it might detect that something is trying to hack your site. Basically after running a while before it was banned we found quite a lot of vulnerabilities which they could inject code into the wordpress site. The core of wordpress should be rather secure because the base of programmers looking at the code is alot but when you go into plugin it becomes very grey because there are many plugins are not so many people are looking into the vulnerabilities of plugins.
After using Exporting out the wordpress is also a very big pain. As the site is becoming bigger. Using a lot of the wordpress plugin tend to try to store the backup file in the server, eating up the server space also when you try to backup again it backups the backup as well like wp migrate all in one. Also when u try to restore it keeps a lot of infected files. When you try to export the file using wordpress export and also wp migrate when you have a lot of media file it becomes impossible to export them. So migrating becomes a very big pain also. You also get web hosting coming after you and tell you that your scripts are consuming too much cpu/etc. Infected and is sending spam which end up you have to fix but if you are just trying to migrate it using the plugin it becomes impossible to fix because you are also migrating the infected files as well.