Not on 5.1.1? You should be
A newly revealed vuln in the open-source CMS WordPress allows an unauthenticated website attacker to remotely execute code – potentially letting naughty folk delete or edit blog posts.…
The Register – Security
Secure Hunter Anti -Malware