Hi, I run a webhosting company and am thinking of giving free WP accounts to the general public (via painless application process). A new user would only have access to their WP admin account; no shell, no ftp, no control panel, nothing except WP admin username and password, and their own subdomain. My question is this: would an anonymous person with a WP admin account on my server be able to compromise my server by installing malicious scripts? Is it safe to give a WP admin account to someone who, as far as you know, could be a mass spammer, hacker, terrorist, etc.? Any feedback would be much appreciated. Thanks!