WordPress has security holes that can allow for compromise, and frequently, malicious actors use these holes to spread infections across several WordPress sites. Out-of-date websites frequently become the subject of attacks from many threat actors or the same attacker utilising a variety of different routes. Our team recently discovered a database injection that uses two distinct malware programmes to achieve two unconnected objectives. A spammy sports website is redirected by the first injection, while a spammy casino website is given more authority by the second injection in search engine results. The initial injection affected 82 locations, but the second injection affected about 270 sites. Despite the fact that the virus parts are dispersed across a WordPress database, they each have distinct functions.