I was wondering how do I provide information to the wordpress staff about a possible security issue in wordpress.
If you can reproduce the problem with proof of concept code then you can report the issue to WordPress following this guide.
https://make.www.ads-software.com/core/handbook/reporting-security-vulnerabilities/
However… that’s not what’s happened here. ?? This is the important part from that article.
If you’re having an issue with your own self-hosted www.ads-software.com site that is not a security issue, then please use the www.ads-software.com support forums.
Your site was hacked and that happens for a number of reasons. 99.994% of the time (I totally made that number up, it’s probably higher than that) the server or your theme or your add-on plugin was the cause.
If you need support for your site then please consider starting a support topic via this link.
https://www.ads-software.com/support/forum/how-to-and-troubleshooting#postform
I’m sure someone can help you there if you do.
