Which WordPress version is highly vulnerable?

WordPress versions up to 6.4.3 and including this one are vulnerable to sensitive data exposure as per Common Vulnerabilities and Exposures (CVE) details. It is a huge security issue for users as it can result in various problems.

Does WordPress get hacked too often?

WordPress is a popular target for hackers. But like many other website building platforms, it is also highly secure from the core. There can be security challenges due to vulnerabilities. Themes and plugins usually pose a security risk because this is where most vulnerabilities are found.

Is WordPress prone to XSS attacks?

Your WordPress website can be susceptible to Cross-Site Scripting or XSS attacks if it lacks proper security measures. Plus, failing to implement input validation and sanitization can enable attackers to successfully carry out XSS attacks.

Guide to WordPress Security: Vulnerabilities and Mitigation