SQL injection attack

I’ve had 3 WordPress websites hit with an SQL injection attack. It seems identical to the one on this closed thread.

I fixed by restoring the database to a version from a few days ago (my host allows this via their control panel). I also changed the password for the database, as well as WordPress login. However one of the websites has been hit again with the same attack.

I’ve opened a ticket with my host to see if a script they ran recently has introduced a vulnerability. They had made changes to the system to boost security, however it “caused an issue in the connection between my main domain and the static sub-domain” – the static subdomain being nginx where images & CSS is pulled from.

I’m unable to find a trace of how or where the attack happened. There don’t seem to be any new or changed files within the WordPress install.

Any advice?