As far as I know (Maybe I’m wrong) WordPress does not use MD5 for password hashing and they are using Portable PHP password hashing framework.
The core still needs a cryptography algorithm, by default it is MD5 and can be changed to Blowfish or DES. but good part is that new system is using 8 time MD5 over one password with a random additional input data called “salt” so it is hard but still possible, just matter of time and money if the other side really want it there are some premium services which can do it with an acceptable success range.
Even if they used md5 only, it’s hard to crack it, unless your password is some generic one or can be find in dictionaries.
I disagree, with today GPU processing power, pure MD5 is almost nothing and also there are pre-made rainbow tables up to 12 character combination of all possible characters so no no md5.