My WordPress install has been breached. I am seeing spam posts and pages sprinkled throughout the site and several malicious links have appeared in places I never touched. The attacker also managed to get into the main admin account, so I no longer trust any credentials or core files. I need a specialist who can: • Eradicate every spam post, page, and injected malicious link without harming legitimate content. • Audit and remove any backdoors, rogue users, or altered core, theme, and plugin files. • Restore secure admin access, forcing password resets and re-generating salts. • Patch WordPress, themes, and plugins to the latest stable versions and harden the installation (file permissions, disallowed editing, firewall rules, etc.). • Provide a brief hand-off report summarising what was found, what was fixed, and concrete steps I should follow to prevent a repeat. Please outline your estimated turnaround time and any security tools or scanners you prefer (e.g., WP-CLI, Wordfence, Sucuri, MalCare). I can supply cPanel and database access immediately.