The most common way WordPress websites get hacked come from a plugin and theme having a vulnerability, and the website owner has not applied the plugin or theme update to resolve the vulnerability.

This is why it’s very important to regularly apply WordPress updates for core software, themes, and plugins.

A great way to beef up your WordPress security is by installing Wordfence, which comes with a WordPress firewall and malware scanner.

See our post on how to secure your WordPress website.