My WordPress site was hacked and the homepage is now showing unauthorized content. I already disabled every plugin and theme to stop the spread, but the infection is still present and Google has begun flagging the URL. I need someone who can jump in right away, locate and remove every malicious file or database entry, then bring the homepage back to its normal layout without touching legitimate data. A deep scan with tools such as Wordfence, Sucuri CLI or similar is expected, and you may need to use SSH, phpMyAdmin or cPanel File Manager to get everything. Once the cleanup is done, I also want the core, theme and plugins patched, fresh security keys generated, and a lightweight firewall or hardening plugin configured so the issue doesn’t return. Deliverables I will use to sign-off: • A clean, fully functional homepage that matches the last good version. • Written summary of every file/database change, plus the exact malware signatures removed. • Security hardening steps applied (login lockdown, updated salts, file permissions, automatic backups scheduled). If you have handled compromised WordPress installations before and can start immediately, please tell me the typical turnaround time you need and any server access details you require.