Websites experience many attacks every day with an average of 8,000 attacks per year, according to statistical data. A website vulnerability is a misconfiguration, weakness or open port in a website or web application code that allows an attacker to gain access or control of the site in some way, and possibly the hosting server. Most exploits are exposed through scripts or bots or some other automated systems. Vulnerability scanners and botnets are specialized tools that scour the internet for platforms like WordPress or Joomla, Drupal or any other CMS, looking for open vulnerabilities. Once exposed, scripts are run automatically to exploited and steal data or distribute malicious content. Sometimes code is injected in order to deface the website, spam people and even to use as a type of home base where additional hacking can be done on other sites. If you have not updated your website in a few months there is a good chance there is some type of malware or virus on it. There are simple things you can do to avoid this like removing forms or adding captcha or not using old software.