WordPress site owners would just leave site security on the least priorities on their checklist. The common things they are going for are an affordable host, an appealing design, SEO, promotion, and custom development. They would not prioritize the security of their site, sadly according to an article from ZDNet.com, WordPress accounted for 90 percent of all hacked CMS sites in 2018. Two-thirds of them were hacked due to a backdoor from an outdated plugin or a known vulnerability.
Remember a website is a digital asset; any disruption would result in loss of lead, conversion, and sale. That means a loss of revenue, imagine if a site that earns an average of $100 per day, a disruption of five days would result in a loss of $500, the same scenario on a site that was dropped off on search engine rankings. Google Ad would not permit adding websites if their algorithm detected a possible malware infection. In the worst scenario, Chrome would not allow the viewing of the site and would make a bad impression on customers. Expensive Design, SEO, Social Marketing, Sales Funnel, or landing pages would not be of help once a WordPress website is hit by malware. So it’s better to be protected than sorry.