You're running a Wordpress blog. Wordpress plugins are fairly commonly found to have vulnerabilities that could allow an attacker to gain unauthorized access.
Instead of deleting and restoring from backup, you need to find the way they're coming in and fix that. It would be like demolishing your house after someone stole the keys but leaving the locks the same when you rebuild.
You're best bet at finding how they got in is to look through your webserver logs. Any entries that look "odd" should be investigated. (usually Google is your friend for this)
If you have any specific questions about log entries, feel free to post them here.
eCPPT - GSEC - GCIH - GWAPT - GCUX - RHCE - SCSecA - Security+ - Network+