Website Hacked: Malicious Code

Website Hacked: Malicious Code & Thousands of Spam Links Injected

Hi everyone,

I’m dealing with a serious issue on my WordPress site running version 6.7.2. It seems to have been hacked, as malicious code has been injected, resulting in thousands of spam links to online poker and gambling sites appearing throughout my site.

I’ve tried cleaning the database and checking my theme and plugin files, but the issue keeps coming back. I suspect there is some persistent malware or a backdoor that keeps reinfecting my site.

Here’s a list of my installed plugins and their versions:Plugin NameVersionClassic Editor1.6.7Elementor3.27.6Elementor Pro3.25.3ElementsKit Lite3.4.3Essential Addons for Elementor6.1.2Image Optimizer1.5.4Integrate Google Drive (Premium)1.4.6Jeg Elementor Kit2.6.11Loco Translate2.7.1Premium Addons for Elementor4.10.83Sassy Social Share3.3.70Sticky Header Effects for Elementor1.7.5Ultimate Addons for Elementor Lite2.2.0Ultimate Member2.9.2Ultimate Member – reCAPTCHA2.3.7Wordfence Login Security1.1.12WP Dark Mode5.2.6

I have Wordfence installed, but it hasn’t completely stopped the issue.

Has anyone experienced something similar? What steps would you recommend to fully clean the site and prevent future reinfections?

Thanks in advance for any help!

Additional Note:
For security reasons, we have temporarily moved the website to a different location to protect the client’s data and prevent further damage. The current infected site is not accessible via its original domain. This means I cannot share a direct link, but I can provide logs, screenshots, or specific details if needed.

Any help in identifying the source of the infection and securing the site would be greatly appreciated. Thanks again!

The page I need help with: [log in to see the link]