I don’t know if WordPress is subject to SQL Injection. It could be, as well as any web application based on an SQL database backend. All software has defects; it’s normal. But you have to find the defects, and that’s not simple, at least when an application is developed with some security in mind; reading posts of the WordPress “staff”, I guess that they are at least aware of security issues and ready to accept any suggestion about vulnerabilities: that’s good.
Anyway, I want to underline a sentence in your post, Anonymous: “WordPress reveal its own database schema.”
IMHO, this sentence is quite nonsensical for an open source application, and even more so for a web application like WordPress that is released with its code and database schema available worldwide.