Hi Nik,
I am sorry to hear that your site was hacked, i hope you have backups for a quick recovery.
It looks like every url on your site produces the same output so i’m not sure what exactly its detecting, but this is a common thing for a hacked site, the script will change obscure files throughout your site so it can keep infecting things, as u can see it seems to also have detected the same in a core WP JS file.
I can assure you that our file is clean, you can see it here and that it has not been changed in over 4 years https://github.com/GeoDirectory/geodirectory/tree/master/geodirectory-assets/js
Did you have the plugin “Easy WP SMTP” installed? It was reported to have a severe vulnerability a few days ago. https://blog.nintechnet.com/critical-0day-vulnerability-fixed-in-wordpress-easy-wp-smtp-plugin/
Thanks,
Stiofan
Stiofan O’Connor 6 years, 1 month ago.
