Ah, I wasn't aware at all. My comment was a bit tongue in cheek... it seems there's 2 or 3 ways sites get hacked...
nothing that's really inherent to PHP,
1) not cleaning GET/POST variables or allowing unclean data into the DOM
2) bad file permissions
3) SQL injection.
It's just that PHP is more widely used to exploit the above. I wish I knew more Perl to be truly neutral on the subject... it seems anyone that programs with Perl doesn't have many bad things to say about it.
If I were to look for vulnerabilities it'd be on wordpress for sure, but there's plenty people already on that already