My wordpress based website has been hacked again and again. Code injected into my header, due to this webiste redirects to another site or sometimes down.Targeted folders are wp-content and wp-uploads.Target files are index.php , wp-blog-header.php , wp-config.phpHacker also upload files into wp-upload or wp-content folder.I am very frustrated from past 3 months. My business is down, Could please someone help me out.could not diagnos from where it comes from.
plugins i used are wordfence, elementor, yoast, simplessl, wp-optimize, social chat, contact form 7 , hide/remove meta data , limit login attempts, Prevent XSS Vulnerability ,
I even disabled all plugins, just active wordfence plugin to idenitfy infected files. but it does not worked. I changed theme, purchased theme but does not work.