security – WordPress Traffic Being Forwarded By Hack for the 5th TIME! How to fix this (I’ve Identified the code)


My wordpress website keeps getting its traffic HIJACKED! This is the 5th time already.

The code forwarding my visitors to spam is this:

<link rel='https://api.w.org/' href='https://train.developfirstline.com/b.js?v=lp/wp-json/' /><link rel="alternate" type="application/json+oembed" href="https://train.developfirstline.com/b.js?v=lp%2Fwp-json%2Foembed%2F1.0%2Fembed&#038;url=https%3A%2F%2Ftrain.developfirstline.com%2Fb.js%3Fv%3Dlp%2F" /><link rel="alternate" type="text/xml+oembed" href="https://train.developfirstline.com/b.js?v=lp%2Fwp-json%2Foembed%2F1.0%2Fembed&#038;url=https%3A%2F%2Ftrain.developfirstline.com%2Fb.js%3Fv%3Dlp%2F&#038;format=xml" /> 

The portal’s homepage URL is: https://www.melhoramiga.com.br/

If you click on any link it shoots a sequence of redirects which lands on a fake spam page.

Can anyone help?