hacked

Your site has been compromised (hacked). There are tons of posts and articles on how to de-hack a site. It can be done, but is very time-consuming. At very least, update/reinstall everything (WordPress, Themes, plugins), change passwords for database and all admin users, remove any unknown admin users, look for extra php files (in every … Read more

Not able to change WordPress admin email. Someone added another admin credentials

Strings of malicious code to look for after a hack

WordPress Redirect Hack

I’ve cleaned up a few hacked sites, and have developed my own personal procedure here. But there are many googles on how to clean up. The basics are change the passwords of everything (hosting, database, FTP, users), reinstall WP and all themes/plugins from a known good source (WP repository), and manual inspection for bad files. … Read more

This is a great article on WordPress security, loads of great advice… https://codex.wordpress.org/Hardening_WordPress. I’d follow the advice in the article above, and make sure to change all your passwords for FTP, blog login, etc so they’re all unique, long and random.

They run it on your server, just like any other script runs (including WordPress). In the log you provided, it looks like the hacker knew your password. Perhaps you are using the same password on other sites, and he somehow gained access to one of them? Always set different and complex passwords; combine a large … Read more

I’d guess that there is some rogue code on your site. (Assumption, since I don’t know your site URL.) You’ll need to check everything: update (from known good source) everything (WP, themes, plugins), then look at each folder for a file that doesn’t have the current date (since you just updated everything). Change the credentials … Read more