I have developed a relative simple website in wordpress and actually, it resides in a subdomain of my primary host as it's still under construction. I am not sure if I have a healthy back up of it, but yesterday I saw that someone has compromisedm, below message is appearing on the upper part of every page

"Couldn't connect to database server.Couldn't find database pssamurai1_ratta.An unexpected problem has occured with the application. SELECT global_code FROM ubh_settings WHERE setting_id = '1';"

Clearly someone has inserted some code somewhere trying to connect to that database. I have been searching my file but found nothing until now (header.php, index.php, functions.php, wp-config.php etc)

Has anyone had any experience with this, the last option would be replacing every single file hosted of my wordpress folder, hoping the database itself is healthy. I need any ideas as to where to look for the compromised files that have been touched and than later I am thinking to use some security plugins.

Two ways come to mind:

1. Automatically: Install WordFence plugin it might do the trick check it out here /if you can access the backend of course/

2. Manually: If you have access to the apache error logs you can check out at which file the error occurs and open it/Or sort the files by modification date but you've probably edited them after it happened so i'm not sure if it will work/, from what i've seen they put the code either way right in the document so that you'll have to scroll a lot to the right to see it or way down so that normally you won't pay attention

Since it's a simple website, it can be easy to recover.

The first thing I'll recommend is to download a copy of the database (in case you have much content to recover)

Look for codes that you didn't write in the theme you made(also applies to plugins). Install a fresh copy of WordPress and add the theme you were developing. Add fresh copies of plugins.

You should be okay with that. Maybe you can start using some kind of versioning like Git (Bitbucket has free private repositories).

Also look for security-related plugins in the WordPress plugins repository.

I would suggest just extracting the data for the posts and setting it up from scratch. You can find this in Tools-> Export