This is little late, but worth saying.
WordPress websites get hacked when
- they are out of date
- they use too many and/or poorly constructed plugins/themes
- the they have weak passwords
CPanel just needs a strong passwords e.g. admin, FTP etc.
To date, I have never seen a
maintained WordPress website hacked.