WordPress is an open source third-party application not directly supporteed by 123-reg.
However, we appreciate some customers may look to us in an hour of need and if you believe your WordPress site has been hacked would suggest you follow these steps:
Scan your local machine
Ensure you have up-to-date anti-virus software on the local PC from which you administer your WordPress account and run a full scan. If you do not have up-to-date Anti-Virus software consider using Panda Anti-Virus which you can subscribe to via your 123-reg control panel.
Change all your user passwords
Change any user passwords for your WordPress account, your FTP account and MySQL account.
Your WordPress account password can be changed by logging into your WordPress account and from the User menu on the right-hand side choosing edit user. You can enter the new password at the bottom of the page. For instructions on changing your MySQL password view this article. For advice on resetting your FTP password try this article.
Change your secret keys
If hackers have stolen your password they may remain logged into your WordPress account until you have changed your secret keys.
Visit the WordPress key generator to obtain a new random set of keys.
Then overwrite your new secret keys wp-config.php file with the new ones. This will disable the hacker's connection.
Take a backup of your WordPress files
Backup all of your WordPress files and databases to your local PC (label them as 'hacked site backup). You can then investigate these later.
Update your version of WordPress and plugins
You should also ensure that you are running the latest version of WordPress and any plugins installed on your account. This article offers further information on upgrading your version of WordPress. You can upgrade versions of plugins from within the WordPress updates menu when logged into your WordPress administration page.