Important video – this is a very widespread spam issue affecting thousands of sites. This vulnerability can be exploited without any password access to your site or any code injection – which is what makes it so widespread.
While the sites themselves are unharmed, the spammy listings can hurt your reputation and may affect your SEO by making your site much slower for google to crawl.
Full details of the issue below:
This issue was not fixed until 5.7 and has been in the wild for a long time!
Always remember to follow best SEO practices by using a good SEO plugin and always keep your sites updated!