WordPress is a pretty safe platform on its own but the themes and plugins you install may not be always invulnerable to hack attacks. Injection Guard is one of many plugins you can install to address malicious queries. This plugin lets you keep an eye out on valid and invalid requests to your website.
This plugin logs requests, so you can blacklist or whitelist parameters. You can view them on the Settings page. Injection Guard is available as a free download.
More WordPress reading: