Hacker News

cesarb, today at 2:00 AM

> If it’s your own personal blog, then for sure no need to read the code,

I can off the top of my head think of at least three ways in which being careless with the code powering "your personal blog" could have real consequences. Suppose it has a bug which allows unauthenticated users to manage your pages, or even worse remote code execution. Then it could be used as a jumping-off point to attack other systems, for instance by turning it into a C&C server for some malware. It could be used in a "watering hole attack" against your readers. Or someone could edit the blog articles to make it appear that you said something you didn't.

"Not reading the code" is irresponsible for any software exposed to the global network.