Here are some steps to secure a hacked WordPress website:
- Change all of your login credentials, including your WordPress admin password and FTP/cPanel login information.
- Remove all unknown users and delete any suspicious content from your website.
- Use a security plugin, such as Wordfence or Sucuri, to scan your website for malware and other security issues.
- Make sure that you have the latest version of WordPress and all of your installed plugins and themes.
- Consider using a web application firewall (WAF) to protect your website from future attacks.
- Check your website regularly for any suspicious activities and keep backups of your website in case you need to restore it.
It’s important to take these steps as soon as possible after you suspect that your website has been hacked. The longer you wait, the more damage a hacker can do to your site and to your reputation.