Pirated themes and plugins are the most widespread threat to WordPress sites