I strongly suggest to use CUSTOM made PHP application with required security features instead of opensource applications. You will be trapped by loopholes in theme files, plugin files, upload directory or so.
if you are going to handle sensitive data.. Then always use custom built PHP application with following security checklists.
1. XSS attack prevention
2. SQL injection prevention
& more.