Drupal is a content management system — you can think of it as WordPress on steroids.
I would like to say that Drupal is majorly lacking in its upgrade procedure. The Drupal upgrade procedure is stone age. Security advisories seem frequent (good or bad?) which force the need to upgrade.
Who the hell has a 13 step upgrade procedure anymore? With WordPress the update can be handled with a few button clicks from the admin interface. Drupal requires you to FTP into your site….and it doesn’t end there…
I think we need to get a discussion started about whether or not frequent security advisories is a positive or negative. I can think of arguments for both sides.