M. Meike, J. Sametinger, A. Wiesauer: Security in Open Source Web Content Management Systems, IEEE Security & Privacy, vol. 7, no. 4, pp. 44-51, 2009.
DOI: 10.1109/MSP.2009.104

Users of Web content management systems lack expert knowledge of the technology itself, let alone its security issues. Complicating this, WCMS vulnerabilities are attractive targets for attackers, leaving the applications and their nonexpert users open to exploitation.