By default, the latest version of WordPress is pretty darn secure. The development team of WordPress has considered anything which may have been added to any fix malware problems free plugins. Before, WordPress did have holes but now most of them are stuffed up.
I protect an access to important files on the site's server by placing an index.html file in the particular directory, that hides the files out of public view.
Recently, an unknown hacker hacked the blog of Reuters and posted a fake news article. Since Reuters is a popular news site, their reputation is already ruined due to what the hacker did. If you don't pay attention on the security of your WordPress 20, Something similar may happen to you.
WordPress is one of the platforms for sites and blogs. While WordPress is pretty secure out of the box, there are always going to be individuals who want to create trouble by finding a way to crack into sites or accounts to cause harm or he has a good point inject hidden spammy links. That is why it's important to be sure that your WordPress installation is as secure as possible.
Implementing all the above will take less than an hour to finish, while creating your WordPress site more resistant to intrusions. Over 1 million WordPress websites were this past year, largely due to easily preventable security gaps. Have yourself prepared and you are likely to be on the safe side.