CryptoPHP infection

I had a couple of sites I manage become infected with CryptoPHP malware and had no idea what was going on. On one site the sitemap.xml files had a malware link on them (I discovered this via the Sucuri plugin) and reinstalling WordPress SEO by Yoast fixed it. I had another one that had a blank page with one malware link that wiped out the website at its root domain while leaving the www version intact. After reading a blog post about this from Wordfence I suspected that the second site had also become infected through Yoast’s (excellent) plugin, so I reinstalled the WordPress core and the Yoast SEO plugin, and the site was immediately restored at the root domain. I will now inform Yoast that his plugin needs an update to close this vulnerability and thank Wordfence for the information that led me to an effective resolution.