WordPress is a world famous free open source Content Management System, in fact it is the number 1 ranked and most used CMS. Few years back hacking was a big headache in WordPress. It is easy to build a website with WordPress free themes and plugins and easy to edit the content. But Hacking is a big challenge in WordPress.
Most of the time hacking occurred due to less secure passwords, low quality free plugins and themes, outdated themes and plugins, free version of stuff and some cases it was happened with hosting companies also.
In my experience, I saw many Hosting companies are also pushing the spam-my code into WordPress sites and sending notices to the webmasters to clean that code, they should use some cleaner software, which is very expensive. Only experienced people aware this kind of tactics and keep a backup copy to overcome such instances.
Every web designer must keep high secure passwords to secure their WordPress website. Your password must contains lower case letters, upper case letters, numbers, special characters and at least 10-15 character length of the password.
It is better to buy dedicated WordPress hosting, which is specially designed to improve the performance of the WordPress website, regarding we can discuss in another thread.
Mostly one should avoid free stuff like free themes and plugins that might cause for hacking issues.
There are so many practical things we observe in real time environment, which we can share in this forum.
Keep posting your comments below.