Magento certified web developer, wordpress 5 years of experience, redhat certified engineer, computer forenbsic and penertration testing graduate with a 1st degree honours. I can certainly help you with the problem at hand. Though metasploit is probably the wrong tool for this job.
Is your server dedicated or vps ? if so we can lock alot of it down for the proposed quote.
If its shared i sugest moving to a vps to allow more control
Whats the version of your wordpress install ? if outdated it will need updating.