Submit: 
I was once accused of injecting malicious code into someone’s computer in order to discover the contents of their computer, through some means such as e-mail or a web site. Well, I have not sent that person e-mail in almost two years (and then, only because one was requested), so my web site would be the only other means of injecting malicious code into their computer.
WordPress does not permit its users to include scripts in their web content. For example, were I to write some Javascript into this page, WordPress would automattically filter it out before saving the page. And, were I to create a URL on any of my pages that included a cross-site scripting attack, WordPress would filter that out too.
Even when I had complete control over my HTML, I have never knowingly hosted malicious scripts or code. Doing so is a blatant violation of the codes of ethics of the security organizations I am involved with ((ISC)², ISACA, InfraGard).
Peter H. Gregory 