My WordPress site has started redirecting visitors to unrelated pages—an obvious sign of injected malware. I need the infection fully removed and the redirect problem fixed while keeping the total cost within ₹500. Scope of work • Run a thorough scan (Wordfence, Sucuri, wp-cli or similar) to locate all malicious code, suspicious files, and database injections. • Clean or replace compromised core files, themes, and plugins; repair or regenerate the .htaccess and wp-config.php where necessary. • Patch the vulnerability, update everything to the latest safe versions, and harden the installation (file permissions, salts, security keys, firewall rules). • Provide a brief report detailing what was found, what was removed, and any preventive steps taken. Acceptance criteria 1. No further automatic redirections on any page when tested from multiple devices and networks. 2. Google Safe Browsing and other major blacklist checks show the domain as clean. 3. I receive a concise, plain-language clean-up report and recommendations for ongoing security. I will supply admin and hosting credentials as soon as we agree on the approach. Turnaround within 24 hours preferred.