I got alert form Wordfence pluging, found the following new issues on mJOBrr - Freelancer website
Alert generated at Tuesday 11th of July 2017 at 05:01:24 AM
* File appears to be malicious: deleteme.39bb8cf30fc74afcbdc5784bf95b413f.php
* User "siddharthtyagi" with "author" access has an easy password.
* User "nitinbansodbte" with "author" access has an easy password.
* Your WordPress version is out of date
* Unknown file in WordPress core: wp-admin/js/gogu.txt
* Unknown file in WordPress core: wp-admin/js/index.php
Can any one suggest how it happened and how to fixed permantly
The deleteme.[hash].php ususally are files that installatron uses for logging you in to your site.
As an advice, you should update your wordpress, and make your passwords stronger. Also, and importantly, check those files, check it's contents and if you see something strange, delete them.
Hope it helps!