WP and all plugins are up to date. Using Wordfence scan produces this malware warning:
Filename: wp-content/uploads/woocommerce_uploads/default-preparable.php
File Type: Not a core, theme, or plugin file from wordpress.org.
Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: $wp_nonce=isset($_POST['f_pp'])?$_POST['f_pp']:(isset($_COOKIE['f_pp'])?$_COOKIE['f_pp']:null);
The issue type is: Backdoor:PHP/tripus.3672
Description: A malicious PHP backdoorAny help appreciated
Rtaffy