Those file were definitely there because the google bot indexed them, or your sites html was edited to point to those non-existent files. Hard to tell, either way you most likely have been hacked by an automated spamming bot.

WordPress has hundreds of vulns and several 0-days every now and then, so you never know which one it is, especially if you install plugins.

Best options nuke the site and start afresh from a clean backup.

On Wed, Jul 8, 2015 at 4:14 PM, Samuel Waithaka via skunkworks <skunkworks@lists.my.co.ke> wrote:

Hello people,

I could use some help with Wordpress. When I do a site:mysite.com keyword search on Google, I'm getting hacked PDF links. Here's an example:

Search:
site:example.com prescription

Results:
example.com/add/tadalafil-prescription.pdf
example.com/.../finasteride-online-prescription.pdf
example.com/add/viagra-canada-prescription.pdf
etc... and they are many; over 10 pages of results.

However, all these links are broken. What I'm wondering is:

1. What's the likely Wordpress vulnerability that allowed this?
2. Could this be 'staged links' or the PDF files might actually have been there?

--
Samuel Waithaka
Cell: +254 720 317929 | +254 770 451280
http://twitter.com/samwaithaka

_______________________________________________
skunkworks mailing list
skunkworks@lists.my.co.ke
------------
List info, subscribe/unsubscribe
http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
------------

Skunkworks Rules
http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
------------
Other services @ http://my.co.ke