When it comes to WordPress Security there are somethings you should be aware of, first is the fact that most do not ever change there admin which is standard on WordPress.
The first thing you need to do is to change the users section and ad a new author to your site, this will lesson the chance for
you to get hit.
Then ad new user but when you do make sure you give that name administration rights
Once that is done, you will be light years ahead of everyone else for security reason's
Because every time you post, your author name (in most cases is what is on the post and a loophole for hacker's
Here is a video in case you got lost
Once that is done you should look at changing how you login, go out and get a plugin called lock down
There are other plugin's out there like Loginizer which help's from brute force attack.
But i like simple plugin's and to be honest did not care for that one, it seemed like everyday my site was under attack and i thought why?
Now with this being said, these are just small measures one can take to prevent from being hit, there are other ways as well.
Watch your comment's for your site. they can inject code and that is as simple as putting out the welcome mat.
Like i said these are small measures one can take, but what you need to keep in mind is why would someone work on your site when there are so many other easy targets out there?
If you are struggling with your site go HERE