so wait hold up, they wanna ban chinese apps because of data concerns, but they also want a law that bans the use of encryption? or at least gives them a backdoor into anything? hold up.
Anything that is specifically turned to the Content you publish. WP has a lot of code-rot (look how long it take to use a DBAL and not be married to php's legacy mysql library,) and thus php will break WP or a plugin, or the plugin won't get updated, or a theme won't get updated, or WP change functionality for no reason, or php renames a function for no reason, or whatever. Like you can not simply set it up and have it download minor updates when needed and last 10 years. If you're still running a WP site that has survived 10 years of updates, chances are you use no plugins, have no comments, and locked down the wp-admin to just your ip address.
It takes over 128MB of memory resources just to process one page on WP, where as a tuned CMS should take no more than 10MB. You don't need everything and the kitchen sink, when all you need is the kitchen sink. Like at last check, the core WP was taking around 70MB and the "highly recommended" Jetpack plugin added another 70MB on top. You know, on bulk-hosters that do not run op-caches or FPM. Slow as all hell even with caching plugins.
If all you need is a business-card site, just use WIX or Squarespace, and leave all the nonsense to them. If you need a "brand" site, then Joomla or Drupal would be better options. Brand sites are things like multimedia entertainment properties. However Joomla and Drupal also have the same core-rot problems WP has, just at a slower pace. (Joomla had 4 and 8 years between LTS versions.) Drupal so far is having faster core-rot, but most of the needed functionality is actually part of the core. I don't personally like the direction Drupal has gone (Symphony and Twig) as at least one of those have insanely fast code rot, and "script language on top of script language" is just a bad idea in principle.
However, if you're going to invest in Drupal, you probably want staff that actually know how to use it, where as WP, "looks easy" but but it's so easy screw up since you can actively edit it's own php code from within the CMS.
Any sane website administrator would never permit a user to use wordpress on a shared-system, since it will be able to read any file on the server the HTTP server has access to, and many servers are simply "run out of the box" configurations which is so much worse for that. Drupal and Joomla likewise. With the advent of all the Intel cpu side-channel attacks, I 'm just going to say shared systems where executable code can be processed are done. If a company like godaddy or dreamhost, or bluehost, etc wants to continue to sell business card sites, they need to stick to the kind of "let me do it for you" style WIX and Squarespace use, and not permit any php/perl/python/ruby/java/javascript(node) to be uploaded at all.
So between the incredibly steep system requirements and necessary security, wordpress is something you only deploy on one machine, with only one WP installation to serve all the WP sites, and you lock it the hell down so that only the machine admin can install plugins or themes. That's the only way it runs efficiently.
Blogger and Tumblr still exist if all you need is a blog.