I am not sure yet, but when the vulnerability was neutralised it removed one of your plugin files. As the site was not live I am pretty confident that the vulnerability was one of your plugin files. Running forensics now to try to determine the exact cause. These were the first files quarantined which broke the admin console and directed me to your plugin:
- wp-includes/images/xml.ph
- wp-admin/includes/dirs31.php
- wp-content/uploads/2015/menu.php
- wp-content/uploads/js_composer/lib.php