Again a Word Press site with insecurity and the obvious wrong settings!

Re: https://sritest.io/#report/c8906fad-e3ae-4076-bfed-d1c24604ab49 = C-Status
WordPress version: 4.3.11
Version does not appear to be latest

Warning User Enumeration is possible
The first two user ID’s were tested to determine if user enumeration is possible.

ID User Login
1 daniel daniel
2 Petko Petkov petko
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. However it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

Retirable jQuery libraries: http://retire.insecurity.today/#!/scan/f653d26a922f09130bad26a7a7b976da4d3ce43484ae14bfa519e363cad7d814

F status and recommendations: https://observatory.mozilla.org/analyze.html?host=nexpur.com

polonus (volunteer website security analyst and website error-hunter)

Also consider this: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fnexpur.com

How is that for a software development company website, a firm focused on engineering web and mobile applications for businesses :o

Certainly not having best practices in store… ;D
For instance order of files could be wrong so we meet with the following error for
-nexpur.com/wp-content/themes/nexpur/js/bootstrap.min.js?ver=1 benign

run error: line:8: Bootstrap’s JavaScript requires jQuery , could be solved through a require statement, like

window.jQuery = window.$ = require(‘jquery’);
Info credits here go to StackOverflow’s Onur Yıldırım.

polonus