Hi @allbrandsmatter,
I’m sorry you ran into this issue, this is not done by WPCode in any way.
In all cases we encountered so far the issue was related to compromised credentials for the administrator user for the website due to the same email/password being used on other websites.
Please follow these steps to stop the plugin from being installed:
1. Immediately update all the passwords for all the administrator users on your site. Please maks sure the password is not used on any other website.
2. Check the list of administrator users and delete any user you do not recognize.
3. Use the WPCode Safe Mode to stop the malicious snippet from making changes to your admin by adding ?wpcode-safe-mode=1 to your websites’s admin URL. https://wpcode.com/docs/php-error-handling-safe-mode/
4. Delete any snippet you do not recognize.
Let me know if I can provide more info.