ergophobe - 6:05 pm on Jul 31, 2008 (gmt 0)

One thing that Drupal is working on for Drupal 7 is a security suite, which basically does unit testing with an eye to security. Obviously, it won't catch everything, but I think it will help you intelligently evaluate modules without having to understand all the code.

Hopefully Wordpress 3 will have a unit testing suite for stability and security for plugin and theme developers. That would get rid of a lot of vulnerabilities, or at least you would be warned.