There is a bias towards XP=Insecure, but as you indicate… That is just out of the box, but you can make your XP into Fort Knox if you like and have the knowledge. Privacywise it is among the best, compared to Windows 7-10 out of the box it is by far the most secure system, but none seem to care mentioning that fact.
What I would be way more worried about are the hardware routers out there serving as the household’s gateway to the net.
Many of those have never seen a firmware update since they were installed. Some years ago, and considering that new exploits targeting vulnerabilities in these devices surface several times a year, this is the REAL security issue.
In other words, this toll on the bell for Windows XP is a little like a storm in a glass of water compared to the real issues and you can at least proudly say that you decide what uses bandwidth