In my case, I didn't know. Well, to be 100% accurate, I did find out that one of my clients fell victim to a WordPress security vulnerability after moving to a less-expensive shared hosting provider. This happened a few months ago. I've since upgraded their site to the latest version of WordPress and the attackers were sent packing.
But, just yesterday I received a comment that a user of that site was alerted by their anti-virus software that the site was not "trusted". This perplexed me, the site had been upgraded, I checked the code for any leftover JavaScripts or other malicious code. Nothing, the site was solid.
So, on a whim, I decide to type "website security scanner" in Google. I tried the very first result: http://sitecheck.sucuri.net/
Bingo! The scan results indicated that McAfee TrustAdvisor blacklisted the site as a security threat. This no doubt happened while the site was under attack a few months ago. But, they never removed the listing. This very listing is what was irking the user's anti-virus software. I have since requested that McAfee reevaluate the site. We'll see what happens.