Reply to post:

If your websites use WordPress, put down that coffee and upgrade to 4.8.3. Thank us later

Spudley

Looking at Mr Ferrara's post it seems that WP still uses the mysql database driver, not PDO (or mysqli).

How long has it been deprecated? Six years? That's inexcusable.

But I still don't see why fixing it properly should break plugins?

It can't be using the old mysql driver because WordPress supports PHP 7 which no longer includes it. However, it does use its own database wrapper. This wrapper has been upgraded so it doesn't use the mysql driver any more, but it still exposes the same original API that it always did, so it isn't using any modern DB techniques internally like prepared statements, even though it is internally using a DB driver that would support them.

Worse than that, the API was written to emulate prepared statements, and a number of recent WP flaws (including this one) have come about as a direct result of the poor quality implementation of this feature.

So it may not be using the mysql driver, but it may as well be, because the API it presents dates back to the days of that driver and carries with it all the flaws and compromises that were made back when it was first written. And you're right, that is inexcusable.

The sad thing is that they really can't fix it, because fixing it would completely break the entire WordPress ecosystem.

It would indeed break all the plugins because the only way to fix it properly is to radically overhaul WP's DB library, including the API that it exposes, which is of course used by every WP plugin there is.
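As an added illustration of the distinction the reply draws (not code from the post, from WordPress or from The Register): a toy wrapper that emulates prepared statements by assembling one SQL string in PHP from sprintf-style placeholders, beside a native PDO prepared statement in which the driver receives the SQL text and the values separately. The in-memory SQLite backend and the quote-doubling escape rule are assumptions chosen so it runs stand-alone.

```php
<?php
// Added example, not code from the post or from WordPress. It contrasts the
// two designs the reply describes: a wrapper that emulates prepared statements
// by building one SQL string in PHP (sprintf-style %s/%d placeholders), and a
// native prepared statement where the driver receives SQL text and parameter
// values separately. PDO with in-memory SQLite is used so it runs offline; the
// escaping in the emulated path is a deliberate simplification (assumed).

function emulatedPrepare(string $format, array $args): string
{
    // Emulation: values are quoted/escaped in PHP and spliced into the query.
    // The database only ever sees the finished string, so every safety
    // property rests on this code (here: SQL-standard doubling of quotes;
    // a MySQL wrapper would call the driver's escape function instead).
    $quoted = array_map(function ($arg) {
        return is_int($arg) ? (string) $arg
                            : "'" . str_replace("'", "''", (string) $arg) . "'";
    }, $args);
    return vsprintf(str_replace("'%s'", '%s', $format), $quoted);
}

function nativeLookup(PDO $db, string $title, int $minId): array
{
    // Native prepared statement: the SQL text is parsed before any value is
    // bound, so a value can never change the structure of the query.
    $stmt = $db->prepare('SELECT id FROM posts WHERE title = ? AND id > ?');
    $stmt->execute([$title, $minId]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$db = new PDO('sqlite::memory:');
$db->exec('CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO posts (title) VALUES ('hello'), ('it''s 100% free')");

$title = "it's 100% free"; // constructed value containing a quote and a percent sign

$sql = emulatedPrepare("SELECT id FROM posts WHERE title = %s AND id > %d", [$title, 0]);
$viaEmulation = $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
$viaNative    = nativeLookup($db, $title, 0);

echo $sql, PHP_EOL;                      // the single string the database receives
var_dump($viaEmulation === $viaNative);  // bool(true): same rows, different trust boundary
```

Both paths return the same row here; the difference is where correctness is enforced, in the wrapper's own string handling or in the driver's parameter binding, which is the gap the reply says cannot be closed without changing the API every plugin calls.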
