Most owners of the ~1.375M targeted WordPress sites have not confirmed they are safe. Here is the 30-minute self-triage with file hashes, malicious paths, traffic patterns, and database signatures to prove you are clean.
mass WordPress exploitation
1 Article
Concrete Indicators of Compromise: file paths, SHA256 hashes, and YARA rules derived from publicly disclosed mass-WordPress exploitation campaigns.
