There have been a few high-profile cases in the past year or so of mass hackings of such sites. Thing is, the ultimate fault of those hacks comes from the servers at the hosting companies, not the site owners or the WP content-management system (CMS) in and of itself.
With WordPress being the most-used CMS for Websites, and most of the largest Web hosting companies providing these services for such sites, it stands to reason that hackers are devoting much of their time to penetrating WP sites and their hosts.
WP is built on a programming language called PHP, which is also used for other CMS platforms. That’s a key point you need to know, as you read the following passage from one of WP’s lead developers: