I am attempting to secure my website running WordPress on it. I am interested in keeping the website as secure as possible. To do this, I plan on updating WordPress as soon as new patches come out. I also plan on regularly updating modules because I know that they too can have vulnerabilities.
My question is do I have to worry about vulnerabilities within WordPress themes. Are there ways to exploit a website by holes in the coding of a specific type of template/theme?