Wordpres

Don't just rely on a wordpress plugin. Wordpress security start from your hosting to your password choices. Use a AIO security plugin like Wordfence or iThemes Security and set it up to your needs. And for having a general opinion about possible vulnerabilities check out guides like this:

http://www.wpexplorer.com/how-not-to-secure-wordpress/