Wordpress sites are currently being compromised by a virus and so far thousands of websites have been infected. The bad news is that a simple patch alone will not fix it.
The virus redirects wordpress website users to another site which eventually exposes them to the Neclear Exploit Kit - malware that then delivers randsomware.
The virus is designed so that even if you change your password, the malware will still have access.
Find out the "5 To-do’s If You Run a WordPress Website" and the "5 To-Do’s To Protect Your End-Users" according to Wynn Joenes of Pretorian Security