Check your header.php. They most likely got access to your site and then added the links in the header. You should see a bunch of the links as soon as you open it up. If you need help cleaning it out I could take a look at it for you but they should be right there. It's a common thing with wordpress. After you clean the spam out, you need to make sure your wordpress site stays updated and then install a security plugin like this one.
https://wordpress.org/plugins/better-wp-security/
Hope this helps