You will want to take all of the following actions for each account/CMS to get this resolved:
-Examine the indicated files and if necessary, remove the identified files from public_html.
-Update the core CMS installation and all themes, plugins, addons, modules, templates, etc.
-Change the cPanel account password and any FTP account passwords that have access to upload.
-Change the CMS administrator password.
-Change any email account passwords with access to resetting the CMS administrator password.
-Scan any computers with access to the server with anti-virus software and Malwarebytes and Spybot Search&Destroy.
Going forward, you’ll want to make sure that you keep the CMS installations more up-to-date and please let me know if you have any questions.