Many of the sites we are working with use WordPress, which is one of several open source content management systems that are available for Web site developers to use. WordPress is powerful, extensible and easy for developers to use making it a great choice. It’s also very popular, which means you have lots of other sites using it.
That popularity can be a blessing and a curse. The fact that many others are using it means there will be lots of people who can help you if you have a problem. It also means that if you were a malicious person, and you knew how to develop a piece of software that could attack a WordPress installation, you could attack many sites with the same software.
The defense against these types of attacks is keeping your WordPress installation up to date. This is easy to do — click the “updates” section from your dashboard to see what updates are available and make sure they are applied. Occasionally, updates to the core and/or the plugins can break existing functionality, so it may be good to involve your a Web site development professional to be sure that nothing gets broken.
As of this writing, the current version of WordPress is 3.4.1 and it includes several security related issues that were fixed.