The most common way that WordPress administrators interact with iFrames is when they want to embed external content.
For instance, if you want to display a YouTube video in a post, the video that plays in the post is contained inside an iFrame that then displays the content (in this case, the video) directly from YouTube. The iFrame also contains information such as the height and width of the iFrame as well as any border, etc.
WordPress allows you to easily embed popular kinds of content, including YouTube and Vimeo videos, directly into a post without having to understand or code any iFrames. In order to embed a video from one of these sites, simply add the video’s URL to a new line in your post in the Text Editor window. You can also use WordPress’s built-in shortcodes to embed content without having to use an iFrame.
In other cases, the third-party website will usually have the complete iFrame information that you can then copy and paste without needing to modify it.
Note: Because iFrames run code that is sourced from a third-party website which could be malicious or cause problems, the ability to use iFrames is not available for websites hosted on WordPress.com. You can, however, embed content from trusted sources like YouTube, Twitter, and SoundCloud using the Text Editor.
iFrames are also often used to display advertisements in the sidebar, footer, header, or other locations on your website. Always be extremely careful when using an iFrame, and make sure that you are not opening a security vulnerability that could be exploited by malicious hackers to take over your website.