Hi @rcosmos,
I’m sorry you ran into that issue, unfortunately, we can’t control the way the plugin is used and if your server is compromised there might be a script that keeps installing the plugin to add unwanted scripts through it.
The best approach in these cases is to ask for help from your hosting company with cleaning up the server since you will keep running into the same issue unless the source of the malware is removed. You can find a list of other suggestions in this article.
If we can help in any way don’t hesitate to reach out using the form at https://wpcode.com/contact
To stop new plugin installation & file edits, add the following lines in your wp-config.php file – its not a permanent fix, but it will prevent any attacker to upload content.
define('DISALLOW_FILE_MODS', true);
define('DISALLOW_FILE_EDIT', true);
