I am looking after my sister’s website at https://lynnbailey.co.uk
She has twice had a virus on the site that injects code into the Custom CSS area of the theme. I have put Wordfence on the site, but it got attacked again with Wordfence active and up to date. The virus is called Cutwin. Do you know anything about it?
We have rectified the problem by rolling back to a date prior to the hack, but would appreciate it if you had some guidance on how to prevent this from happening.
The Theme is version 2.3.5