Hey everyone, I hope someone can help or give advice.
Site info:
WordPress: 5.4.1
PHP 7.3.17
All plugins and themes are up to date.
Recently the site got hacked I’ve installed different security plugins Itheme Security, WordFence Security, and Sucuri before it got hacked. We recently revert the website back to the previous state, however once a week the hacker will change everything again. After reverting the site we changed all login, DB, and FTP details but that didn’t help.
All the entries – post/page/image description – were corrupted with this script:
[ Deleted, do not post malware code on this site ]
Can someone advise what to do? Or have a solution to prevent SQL injections?