WordPress makes it easy to start a website for anyone. All you need is a host, a MySQL server (usually provided free by the web host), and some content to fill up the blog.
WordPress is usually a great choice for people starting out and non web developers, but it's not a good platform for certain scenarios including ecommerce, security sites and custom applications.
In some cases, you can save yourself from many headaches by hiring a good web developer to create a custom web application instead of taking the easy route and installing WordPress.
WordPress is a Hacker's Paradise
Read any security forum where users ask for help and most issues stem from pre-packaged (off the shelve) website software. You'll also see that most people with severely hacked sites are running WordPress. WordPress is a hacker's paradise, because there are plenty of online scripts available for download that do all the work without the hacker even knowing how to break into the site. Information for hacking a WordPress site is also freely available around the web. WordPress is open-source, which means its source code is available for anyone to view and edit. Knowing any application's code makes it easier to find security holes.
Loads of Wordpress posts are about your password security, This is just one of the many ways to get access to a Wordpress Site they tend to forget mentioning poorly written plugins offer hackers a way to perform SQL injection, which is one of the most common hacks. While most plugin creators don't purposely create security holes, others create software that gives them a backdoor to your website's database.
Limited Scalability and Customizations
You can hire a programmer to customize WordPress, but your customizations are still limited to what WordPress allows through its platform. WordPress has an API for third-party code integration, so the developer can only work within the API's constraints. If you have a large ecommerce store or need to have unlimited customizations, it's probably best to stick with a custom application to avoid API constraints.
WordPress is a Spammer's Paradise
If you run a popular blog, get ready for hundreds (even thousands) of spam blog comments you must delete every day. Allowing these spam comments devalues your site in search engines such as Google, because spammers create comments with generic text to place a link on your site. If you have too much user-generated spam, Google sometimes places manual penalties on your web pages.
So you'll need to turn of some of the functionality you probably wanted!
Poor Customer Security
Your customers' security should be one of your main priorities. However, when you run WordPress and your site gets hacked, your customers' information is at risk of being stolen. It's especially problematic for ecommerce sites that store customer credit card details. Most WordPress owners use standard plugins found on WordPress' website, but these plugins are also available for hackers to download and evaluate. Because ecommerce stores hold more data than a simple blog, hackers target this type of WordPress site more frequently.
Limited Functionality
WordPress was originally created as a blogging platform, so most of its functionality is limited to blog-style posts and not a true CMS. While WordPress has evolved into an all-encompassing platform, it's clunky for more advanced websites. You can add a WordPress blog to an existing site, and it even runs on Microsoft Windows web servers. If you run more than just a blog, it's best to add WordPress to a customized website as an add-on instead of it being the main website software.
It's difficult to decide on a website platform, but making the wrong choice can cost you sales. Customers lose trust in your site if it's hacked, and WordPress is a main target for easy hacks.
The best web applications are built from the ground up, and you are unlimited with what you can create when using a customized website application.