Maxim Weinstein from StopBadware.org posted an article recently titled ‘WordPress still a common entry point for bad code’. StopBadware.org is well respected and has done some great work in identifying and listing Sites which contain Malware and other unwanted software.
I am an avid WordPress fan and personally own and manage 25 Sites (as well as managing other WordPress Sites for customers) hence my interest in the article. As a consultant I also know that ‘prevention is better than cure’ therefore tasks that are reasonable in eliminating security (and SEO) threats usually constitute time well spent.
I thoroughly recommend reading the article. The recommendation to install updates applies to most software (e.g. Microsoft Office, Adobe products etc.).