WordPress is open source, which means that everyone, including hackers with a malicious intent, can scour the source code looking for holes in its security….
Source: https://code.tutsplus.com/tutorials/building-a-wordpress-security-plugin-the-basics–wp-24787