WebsiteBaker does not have any intrusion detection on the admin pages, so any brute-force attack can go on for a long time without you knowing about it.
There is a solution.
Upgrading WB to the latest version is always a good idea.. but..
Unfortuntly there are some default settings enabled that could break your website after upgrading from an older revision.
A vulnerabity was found in WebsiteBaker version 2.8.3 SP5.
The problem was existing in earlier versions too, so action is required.
If you need your website to do something more than display text and an occasional image you might need a module to enhanche the CMS's functionality.