Original article from Smashing Magazine http://www.smashingmagazine.com/2012/10/09/four-malware-infections-wordpress/
- You can trust Wordpress core and need to keep up with updates (do upgrades as frequently as you can)
- You can not trust all plugins, you need check how secure, mature and professional they are
There is no real compare, but this is a big difference Wordpress has with Drupal. Drupal's community takes care of the security of core and its modules.