Objective

Stop the live WordPress casino-spam compromise on aguiarinjurylawyers.com while preserving evidence and rollback paths.

Accomplished

• Exported evidence to admin/security-incidents/wordpress-casino-spam-2026-06-12/.
• Drafted and noindexed 61 gambling-spam posts.
• Removed the homepage hidden so-news-block with 60 spam links.
• Removed 10 homepage off-screen outbound casino paragraph blocks.
• Scanned all published pages and posts, then removed 15 additional page-level off-screen injected blocks.
• Revoked two suspicious application passwords for WordPress user 8: WP Admin Bot and sentinel.
• Created local handoff: admin/handoffs/HANDOFF-wordpress-casino-spam-containment-2026-06-12.md.

Verification

• Published REST search counts for casino, kazino, vegashero, and pinco are all 0.
• 61 of 61 spam posts read back as draft.
• 61 of 61 public spam URLs return 404.
• Homepage REST readback has no so-news-block and zero casino mentions.
• Browser, Googlebot, and Bingbot homepage checks returned status 200 with zero spam markers.
• Final known-marker scan: 560 published objects scanned, 0 hits.
• Public sample of cleaned pages: 7 of 7 returned 200 with zero spam markers.

Evidence and rollback

• Incident folder: admin/security-incidents/wordpress-casino-spam-2026-06-12/.