Two types of malware infect WordPress: one written in JavaScript and the other written in PHP.
What are JavaScript and PHP?
JavaScript is a scripting language included in WordPress themes and plugins. It is executed in the browser, and only when a user accesses the site.
Malicious JavaScript that runs in the browser cannot rewrite files by itself, but it can redirect users to another site without their permission, or display a fake screen that tricks them into entering login information.
PHP is the programming language in which WordPress is written, and it has far greater privileges than JavaScript.
This means that PHP malware is the main cause of the creation and output of the malicious JavaScript described above.
Danger level of malware
PHP malware > JavaScript malware (malicious scripts)
Removal of JavaScript and PHP malware
Since PHP malware is the cause of the malicious JavaScript output described above, the PHP malware must be removed first.
However, a WordPress site generally contains thousands of legitimate PHP files, and it is extremely difficult to find tampered PHP files and malware among them.
In this case, the easiest way to get rid of malware is to get professional help or to use a plugin that mechanically inspects the site for malware.
[Free] WordPress: Malware Scan & Security Plugin [Malware and Virus Detection and Removal]
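One way to inspect PHP files mechanically, shown as an added example (not code from this page or from the plugin above): hash every .php file on the live site and compare it with a clean copy of the same WordPress, theme and plugin versions. The function names, the directory layout and the sample file contents are assumptions constructed for the demonstration.

```python
import hashlib
import tempfile
from pathlib import Path


def hash_php_files(root):
    """Map each .php file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*.php")) if p.is_file()
    }


def compare_to_baseline(clean_root, live_root):
    """Compare a live site with a clean copy of the same core, theme and plugin versions.

    Returns files whose content differs (possible tampering), files present only
    on the live site (possible dropped malware), and files missing from it.
    """
    clean, live = hash_php_files(clean_root), hash_php_files(live_root)
    return {
        "modified": sorted(f for f in live if f in clean and live[f] != clean[f]),
        "added": sorted(f for f in live if f not in clean),
        "missing": sorted(f for f in clean if f not in live),
    }


def demo():
    """Build two small constructed trees (hypothetical file contents) and compare them."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, live = Path(tmp, "clean"), Path(tmp, "live")
        files = {  # constructed sample content, not real WordPress code
            "index.php": "<?php require 'wp-blog-header.php';",
            "wp-includes/version.php": "<?php $wp_version = 'x.y';",
            "wp-content/plugins/example/example.php": "<?php // plugin",
        }
        for root in (clean, live):
            for rel, body in files.items():
                path = root / rel
                path.parent.mkdir(parents=True, exist_ok=True)
                path.write_text(body)
        # Simulate an infection: one altered file and one file absent from the clean copy.
        (live / "index.php").write_text(files["index.php"] + " /* injected */")
        (live / "wp-content/uploads").mkdir(parents=True)
        (live / "wp-content/uploads/cache.php").write_text("<?php // unexpected")
        return compare_to_baseline(clean, live)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

Files reported as modified or added are candidates for manual review, not proof of infection: a version mismatch between the clean copy and the live site produces the same result.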
Get rid of JavaScript malware and plug the vulnerabilities in your site
Remove the PHP malware, and then also remove the JavaScript malware that it has generated.
However, if the vulnerability that allowed the hacker into the site in the first place is not plugged, the site will be reinfected through that vulnerability.
Make your WordPress admin password strong.
Check for and remove any fraudulently created WordPress administrator accounts.
Update old plugins and other vulnerable components that have not been updated for more than a few years.
Malware may have spread from other sites on the server, so if there are other sites on the server, perform malware inspection, removal and updates for them as well.