Google Webmaster tools turned up several pages on my site that seem to have been hacked by a Turkish dating web site anxious to boost its search presence. I suspect that a now-deleted plugin with hidden malware may have infected my WordPress site at some point since these entries exist in a limited time frame.
In any case, it leaves behind the site name as a ?ref for previous and next entry links.
A typical page shows up as /page/20?ref=ARKADASBUL.NET
A Google search of ?ref=ARKADASBUL.NET turns up zillions of pages that have been so infected on all kinds of web sites. Can someone help me disinfect mine?