If you have an ancient WordPress 4.1.1 you and your website has become a victim of cross-site scripting here is how to clean it.

First, update your WordPress to one which is not vulnerable, such version is 4.1.28 which can be downloaded from here

In my case the victim was http://www.YOURWEBSITE.com/ and links were changed to go to http://land.buyittraffic.com

Go to MySQL cli or your phpMyAdmin and recover the website URL:

This will fix the links on the website and administration will start to work.

All posts have appended some nasty javascript and you have to clean them:

Check to see if you have nasty code with

 

If you don’t see the malware then it is safe to open in the browser again.