Hey Guys, I found this related to this issue:
https://blog.sucuri.net/2018/08/massive-wordpress-redirect-campaign-targets-vulnerable-tagdiv-themes-and-ultimate-member-plugins.html
However, I found due to the nature of this malware each site cleanup has been different. This has worked for most.
I used the ‘String Locator’ plugin to find “allyouwant” and “eeduelements” strings and removed the javascript (read the article) from those files. That stopped the redirect and notifications pop up for me.
Then I cleaned the core/theme/plugin files using malware plugin named Anti-Malware and Brute Force. https://wordpress.org/plugins/gotmls/
Then I ran Sucuri and Wordfence plugins to see if anything else had issues. Hope this helps someone.
