Injection of a remote script typically made either via vulnerabilities in Newspaper/Newsmag themes or via abandoned searchreplacedb2.php scripts.
or an encoded version
eval(String.fromCharCode(118, 97, 114, 32, 115,...skipped... 59, 10))
Domain names change frequently.
In case of the searchreplacedb2.php infection vector, the script should be removed from WordPress posts and from various options in the wp_options table. If you are using some database search and replace tool, make sure it correctly works with serialized data, otherwise it make break the site.
Affecting: As of 2017, mostly WordPress sites.
For more information read our blogpost