WordPress has become a popular platform for blogs and even full websites. Its scalability allows for everything from basic blogging, to full-scale e-commerce sites. But like all things popular on the web, it is a favorite target for hackers.
Rule #1: Update – keep your WP version current!
Make sure you are keeping your WP version relatively current (by this I mean the WP software that you can download and host, not your blog that’s hosted ON wordpress.com, like this blog–in this case, your blog is updated BY wordpress and you don’t have to worry about it). Older builds stop being supported and become easier and easier to exploit. If you’re using a ton of plugins then updating every time a new build becomes available may not be an option for you, as plugin developers don’t always update right away. Nevertheless, stay as current as possible.
Rule #2: Don’t use easy logins and passwords (ie. login: admin, passowrd: 12345).
Weak passwords are easily hacked.
Security Sentinel 