I am sure some of these problems result due to the use of free themes from unscrupulous sites.
Here is a plugin that may help you minimize the chances:
WordPress Exploit Scanner
to quote the author,
"This plugin searches the files and database of your website for signs of suspicious activity. It will not stop someone hacking into your site, but it may help you find any uploaded or compromised files left by the hacker"