Imagine that you created a tool that had all security features enabled. The usability of it would be incredibly low and barrier of entry so high that rarely anyone would use your tool. The idea behind allowing "open access" is to allow for a new user to learn the most important aspect of your tool by realizing what problems it solves.
Of course, from a security standpoint, people will still make mistakes like this, but the onus is NOT on the tool developers. They make it configurable for a reason.
This little comment about Mongo really bothers me... I disagree that it's a flaw. It's obviously the fault of the tech team for not securing the DB
"One flaw is that the default settings of a MongoDB database would allow anyone with an internet connection to browse the databases, download them, or even worst case scenario to even delete the data stored on them"
Of course, from a security standpoint, people will still make mistakes like this, but the onus is NOT on the tool developers. They make it configurable for a reason.