Malicious URL's crawled by google not detected

One of the website I have has hundreds of malicious URL's that has been crawled by google that we can't seem to find. There's no trace of those files and folders inside the server. This website has been hacked and was re-coded without using any of the files from the previous website.

This is a WordPress website hosted on flywheel that uses Genesis and a paid child theme. Here's the plugin list

Here's a few examples of the said urls

  • /koy/byrx.php?aw=دانلود-سایفون-ویندوز
  • /reh/zmgg.php?mx=دانلود-فیلترشکن-سایفون-من-و-تو-با-لینک-مستقیم
  • /reh/zmgg.php?mx=jailbaitschan-cat-goddess
  • /koy/byrx.php?aw=tamilkamakaghaikalnew-2017-tamil-kamakaghaikalnew-2017
  • /reh/zmgg.php?mx=دانلود-فیلتر-شکن-thunder-vpn-برای-کامپیوتر
  • /mtuvis/sxijrr.php?wag=افلام-اجنبيه-مترجمه-عربي-للكبار-الكمره

What do I do to prevent this from happening again?