This text file you mentioned, is a shell. The hacker probably uploaded it trough an exploit in WordPress (or just bruteforced the admin account) and uploaded a shell. A shell is used to have easy remote access to databases and files. It’s actually just a trojan/backdoor for a web server.
It’s best to try to find out where the exploit is, and how you could remove it. Also, you should report the exploit to the WordPress team, and wait for a fix, or write one yourself if you’re skilled enough. If you got any questions, e-mail me at [email protected].
Good luck.
