I have had two WordPress blogs hacked into previously. That was at a time when I was doing virtually no online advertising, and until I found time to handle the situation (weeks later), these sites were penalized in the main search engines. They were not eliminated, however the evaluations were reduced.
I back up my blogs regularly using a plugin WP DB Backup. I can restore my blog to the last settings if anything happens. I use WP Security Scan plugin that is free to scan my site and asks to be blocked by WordPress Firewall to fix wordpress malware fix.
You can search. If hackers suddenly hack your site, you can restore your site with the use of your backup files and change everything that must be changed.
You should also set the"Anyone Can Register" in Settings/General to away, and you should have some sort of spam plugin. Akismet is the one I use, the old standby, but there are many of them these days.
Can you see that folder, what if you visit WP-Content/plugins? If so, upload this blank Index.html file inside that folder as well so people can't see what image source plugins you have. Because even if your version of WordPress is current, if you are using an old plugin or a plugin with a security hole, someone can use this to get access.
Always keep in mind the security of your blogs depend on how you manage them. Make sure that you follow these tips that are basic to prevent exploits and hacks on websites and your blogs.