Thank you for reaching out about this! From what I gather, the malicious code was entered in every product’s description fields.
One way to deal with this issue would be to restore from a backup before the malicious code was entered.
Before doing so, make sure an up-to-date backup of all orders is available. In case order export and re-importing is needed, feel free to use?this plugin.
That way, the store will be reverted to its last known good configuration, without losing any data in the process.
Furthermore, feel free to check out Jetpack Security. Jetpack Security provides easy?to?use, comprehensive WordPress site security including backups, malware scanning, and spam protection.
I trust that points you in the right direction, but if you have more questions, let us know. We’re happy to help.
This reply was modified 1 year, 9 months ago by anastas10s. Reason: typo
This reply was modified 1 year, 9 months ago by anastas10s. Reason: added clarity
Since your backup has been hacked as well, please export all products first under Products > Export and only the fields ID and Short Description to be exported:
This would be the output of your CSV file. From here, you can now update the Short Description field and remove the malicious code using a simple Find and Replace function of Google Sheets.
Once you’re done with the updated data, please import the CSV file again using Products > Import. Be sure to enable the checkbox: Existing products that match by ID or SKU will be updated. Products that do not exist will be skipped.
The import process will now update your products.
Should you wish to use a plugin, I found the premium plugin Bulk Edit Products, Prices, and Attributes that easily bulk edits any WooCommerce product fields and meta values.
If you want to try our products, please note we have a 30-day refund policy.