dowut it is in the init.php file, probably a different one.It appears that file init.php on line #32 injects some encoded SQL code in to the database from wordpressnull org website. My guess it's a backdoor or a hidden backlink. Beware.
This is the init file
Code:
namespace FSPoster;
use FSPoster\App\Providers\Bootstrap;
defined( 'ABSPATH' ) or exit;
require_once __DIR__ . '/vendor/autoload.php';
new Bootstrap();
do a search from the command line in root wp dir if running linux
grep -rnw './' -e 'wordpressnull'