I can help you if you have any security issues like:

1. You can’t log in to your admin panel.

Attackers occasionally remove users or change passwords to prevent access to a hacked website. Try resetting your password — if you’re not able to regain access to your user account, it may have been deleted from WordPress.

2. Your security plugin or file integrity monitoring has notified you of an unexpected change in your environment or website files.

If you’ve found changes to core system files or your security plugin has notified you of unexpected file changes, this is a sign that an attacker may have modified your website files to send spam emails, create website backdoors, or run malicious code.

Any new files with suspicious looking names or server-side scripts in upload directories are a major red flag that your website has been compromised.

3. Your hosting provider has contacted you with notifications about unusual account activity or has disabled your website.

Hosting companies perform regular scans and audits for malicious behavior or malware and often disable any websites with known issues to prevent cross contamination in shared hosting environments.

4. Browser warnings are served to you or your site visitors when attempting to access the website.

If Google Chrome or another browser displays a warning message when viewing the site, odds are you’ve been hacked. This also indicates that your site has been blacklisted by a known authority  like Google Safe Browsing.

5. Google Search Console displays a warning message stating your site’s been hacked or is serving malware.

Google sends site owners who’ve linked their domain to Google Search Console notifications whenever a site has been compromised. These notifications provide valuable information about whether spam content or malicious code has been found on your website.

6. When you search for your domain, a warning message is displayed.

Search authorities like Google and Bing provide warnings to users to help mitigate risk and protect them from pages that serve malware or phishing. If you’re receiving warning messages about deceptive or dangerous websites when you search for your domain, it’s likely that your WordPress site has been hacked.

7. Customers are complaining about credit card theft.

Credit card theft is an incredibly lucrative business for many attackers, as sensitive credit card details can easily be sold for money on the black market or used to make fraudulent purchases. Attacks on e-commerce websites are typically targeted and leverage known vulnerabilities in plugins, themes, and other third-party components.

8. There’s strange looking JavaScript in your website code.

Attackers often use obfuscation techniques, formatting and code comments to conceal their malware from view. Even a small snippet of malicious JavaScript can be used to harvest credit card details or passwords from a hacked website.

9. Your website has become extremely slow.

Some malware use significant server resources. If your web pages have suddenly become very slow and take longer to load, you will want to investigate further and determine if your WordPress site has been hacked.

10. Your website is redirecting somewhere else.

Many attackers inject malicious redirects to send your website’s traffic to their ads or spam pages in an attempt to increase SEO and hijack traffic for their own domains. If you or your visitors are suddenly being sent to a spam landing page when accessing the site, you’ve likely become infected with a malicious website redirect.

11. You see changes on your website but you don’t know how they got there.

For example, if the homepage has been modified or replaced with a new page, content has been added to existing pages, or new pages have been created, this is an indicator of compromise and should be investigated.