Unlike those scam emails we all get, this alert from the FBI is right off the government website. Their headline was "ISIL Defacements Exploiting WordPress Vulnerabilities" and was in response to numerous reports of WordPress sites hacked by ISIS. (Google the underlined phrase to see countless such reports.)
Hacking isn't all that unusual, but the FBI report points out a couple of alarming facts. First is that the hackers are "using relatively unsophisticated methods to exploit technical vulnerabilities" in the WordPress sites, and second, all the hacked sites were "easily exploited by commonly available hacking tools."
(And some folks wonder why we opted years ago to use a commercial Content Management System, rather than WordPress... as we explained in our post last year "You can't afford cheap".)