My WordPress site was hacked. I've done three things so far:
At first I thought it was a simple script that duplicates as "pending posts" in my blog bar. The hacker disabled the "category" link where the pending posts are displayed... so that I can't delete it. His ad scripts keep duplicating.
Now I think it's more serious. This category, one of five others was orginally called "Published Content." When I went to delete it I saw I couldn't, then changed the category to "hacker." He then let me know he was on my site by scrambling some of my content and deleting other content.
I investigated things on my site using the Foxfire browser, quit that application, opened Google Chrome did a search for my site: http://www.alisonperryart.com, clicked the url and was directed to this red flag window:
This is probably not the site you are looking for!
You attempted to reach http://www.alisonperryart.com, but instead you actually reached a server identifying itself as *.bluehost.com. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version ofwww.alisonperryart.com.
You should not proceed, especially if you have never seen this warning before for this site.
LAST NIGHT AND MORNING:
I just updated all plugins and themes, then logged out of my site, then attempted to change my url login site administrator password and got this message:
The e-mail could not be sent.
Possible reason: your host may have disabled the mail() function...
Your security system has now locked down my site. Please tell me how to proceed.
Last night I installed your free security plugin. This morning I purchased a yearly subscription to Wordfence.
Would love some help.