How to fix stick.travelinskydream.ga & Kaswara vulnerability

Approximate 10,000 installations are using “Kaswara Modern VC Addons”, from which many are infected with malware already.
While performing a cleanup, we noticed a suspicious entry inside wp_options table, which turned out to be a base64 encoded Javascript – I’ll detail my findings in this article.