It seems like maybe me and Wordpress are not a good match. It just gets hacked. I have one I put up for a customer maybe 1-2 years ago, no extra plugins, and hacked. Had the same thing with another site. It seems pretty obvious you have to put the customer on a maintenance plan if you are going to have wordpress. Our company's software, phpLD started getting installed all over the net in 2005 range, and many of those are still running today. There has not been a major I ever. Maybe it is because we are not as popular, but I'm really thinking about telling customers we only do wordpress if they pay for a maintenance plan, or else they will get hacked.