It would appear a plugin has been exploited, not sure which, but it’s the only way I think the theme could be exploited. Theme has some undisplayed text, which when indexed by google becomes associated with your site.
Normal visitors do not see it, but Google Indexing picks it up and displays.
I have just had a chance to see what’s changed, and will disable plugins which I suspect. Reverse the theme changes and monitor for a few days.
EDIT: Looks like its the WordPress Database Backup (v7.9.1) plugin by Jason Jones, that causes the hidden text to be displayed in pages. I disable it and the hidden text goes away. Suspect it’s what was exploited.
If I google the string it puts into pages, looks like a large amount of hosts have been comprised due to it.