WordPress is a popular target because majority or the web uses it to manage and publish their content. According to the 2016 Sucuri report on WordPress continues to lead the number of infected websites at 74%. This report focuses on four open-source content management systems(CMS). In addition to WordPress, it covers Joomla!(14%), Magento(5%) and Drupal (2%). Sucuri found that on average, WordPress installations had 12 plugins installed at any given time. The top three plugin vulnerabilities contributed to 22% of WordPress site hacks: Gravity Forms, TimeThumb and RevSlider.
I know that sites that we are using for our classes are all WordPress based. It is dangerous if school accounts are hacked. It may lead to identity theft. WordPress is very useful for developers to design but meanwhile, they need to pay attention on the security side of using WordPress.
Link: http://www.infosecurity-magazine.com/news/16000-wordpress-sites-have-been/