One of my WP sites has been hacked, I have previously tried to solve this by changing FTP/mySQL passwords etc and by removing the rogue folders which have been displaying phishing websites and causing blackilist etc but they keep coming back, I can only assume that some core files are compromised or injected with code to allow the bad guys in :(
I do have a clean backup of the website from a few months ago but I'm a little nervous to reapply it for a couple of reasons. 1) The hacked version of the website is running a later version of wordpress and therefore database. 2) I'm not sure how to find which version my backup is.
Even if I could find out which version of WP my backup is, how would I be able to restore the mySQL database as it's likely that it's running a different version to the backed up site?
The host has demanded that a full clean installation of wordpress is installed, which I can do and then reapply the theme, but is it likely there would be DB issues as they are different? Perhaps there is a way to convert a DB back to a previous version?
I may have an early version of the database, I'm not too fussed about most of the content as it's largely a static brochure type website so not much has changed from that perspective so this might be my only option, but again, how do I find out which version of WP this would work with - Maybe I'm overthinking this a bit much?
I can't currently access the website publicly as the host has disable the account until it's fixed, I can access the FTP and mySQL DB though.
Any guidance appreciated :)