I think you indicated the problem. You can be secure or insecure in just about any language, but the barrier to entry is so low in PHP that it is easiest for beginners to do a lot of damage while still launching an app.
I’d rather there be some learning curve so people understand what they’re doing (or not doing).
I’d rather there be some learning curve so people understand what they’re doing (or not doing).