GENERAL SUSCEPTIBILITY #
There are two main susceptibilities:-
**LOCAL Network/Machine: Always run full malware and anti-virus in order to prevent your system from infected files.
**SHARED Hosting Provider: After checking your local network always check your shared hosting provider. The hack may not have been originated with your install, but it may have affected multiple sites. You should be aware of whether or not your host is responsible or a junky theme/plugin etc is responsible. Consider a premium security solution such as managed WordPress hosting.
SECURITY SUSCEPTIBILITY #
While there are many ways in which WordPress site is susceptible to attack. Here we will brief about a few common spots at fault:
**WEAK usernames/passwords: Have you ever noticed the standard “password strength detector” in WordPress 3.8, which tells you to create a strong password. It’s not worth keeping your password simple if that also gets you hacked. If you are hacked then change all your backend passwords(FTP/SFTP/My SQL) and the passwords for everyone who has access to your site.
Change your password again, to be safe.
**NO UPDATION of WordPress core and its themes/plugins on regular basis: If you see that an update is available, backup your site and run it.
**THEMES/PLUGINS bugs: Sometimes popular themes/plugins will have an unexpected security flaw. So it is advised to read up on the plugins before you start to install them.
Finally, be sure to follow all applicable WordPress security best practices in the future.