If your site is being redirected to various shady sites, you might be infected with a blueeyeswebsite SQL injection. Other common malicious scripts:
Sample code injected in wp_posts table ( wp_ prefix might differ from a site to another ):
These are usually injected in wp_posts or wp_options tables – wp_ table prefix might be different from one WordPress instance to another.
To prevent further data loss, you should immediate backup your database & site files. If you’re unsure how to perform this action, contact your developer or hosting provider.
Second, you should revert the changes made on wp_options ( siteurl value ) & wp_posts ( malicious injections ) tables. In most cases, siteurl and home should be the same.
Reddit, My website has started randomly forwarding to malware sites: <a href=”https://www.reddit.com/r/Wordpress/comments/a22m02/my_website_has_started_randomly_forwarding_to/”>https://www.reddit.com/r/Wordpress/comments/a22m02/my_website_has_started_randomly_forwarding_to/ </a>
Sucuri labs, Side Effects of the Site_url Hack: <a href=”https://labs.sucuri.net/?note=2018-11-20″>https://labs.sucuri.net/?note=2018-11-20 </a>
Cleanup plans: <a href=”https://www.magefix.com/pricing”>https://www.magefix.com/pricing</a>