As happens hidden spam on the body of a website!

function xViewState()
{
var a=0,m,v,t,z,x=new Array( etc. etc.

See: https://www.virustotal.com/nl/url/fafef8f5069120aacab621aefdfa1d1be7e6326db32f57a0fd91fb9049010541/analysis/1444227997/
Here we have detection: https://www.virustotal.com/nl/file/447d1b64b394d4347f58b12083908686de0c488947f1654f1438ac9103ddada3/analysis/1444169149/
See: http://fetch.scritch.org/%2Bfetch/?url=http%3A%2F%2Fzzhandler.com%2Fblog%2F%3Fp%3D3194&useragent=Fetch+useragent&accept_encoding=
And -http://www.domxssscanner.com/scan?url=http%3A%2F%2Fzzhandler.com%2Fblog%2F%3Fp%3D3194

polonus

Apart from the malicious code that Avast and others detect on that website, the website has not been built with security in mind and the technology used isn’t particularly professional. Error! “Meta descriptions” cannot be found on this website, also enlarging the attack surface.
Error! The website does not use the OG (Open Graph) protocol. Inconsistent meta Description.
The robots.txt file is missing! Also a security flaw.
The elements below are blocking the “above the fold” rendering.
The javascript files below are blocking the rendering.
-http://zzhandler.com/blog/wp-includes/js/jquery/jquery.js?ver=1.11.3
-http://zzhandler.com/… /jquery-migrate.min.js?ver=1.2.1
-http://zzhandler.com/… /modernizr-1.6.min.js?ver=1.6
-http://zzhandler.com/… /jquery.easing-1.3.pack.js?ver=1.3
-http://zzhandler.com/… /hoverIntent.js?ver=4.3.1
-http://zzhandler.com/… /superfish.js?ver=4.3.1

The CSS files below are blocking the rendering.
-http://zzhandler.com/… /style.css
-http://zzhandler.com/… /style.reset.css
-http://zzhandler.com/… /style.layout.css
-http://zzhandler.com/… /style.typography.css
-http://zzhandler.com/… /style.globals.css
-http://zzhandler.com/… /lightbox.min.css?ver=1.3.4

Too many javascript files found which slows down the page load on the website.
-http://zzhandler.com/blog/wp-includes/js/jquery/jquery.js?ver=1.11.3
-http://zzhandler.com/blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
-http://zzhandler.com/blog/wp-content/themes/autofocuslite-2/js/modernizr-1.6.min.js?ver=1.6
-http://zzhandler.com/blog/wp-content/themes/autofocuslite-2/js/jquery.easing-1.3.pack.js?ver=1.3
-http://zzhandler.com/blog/wp-content/themes/autofocuslite-2/js/hoverIntent.js?ver=4.3.1
-http://zzhandler.com/blog/wp-content/themes/autofocuslite-2/js/superfish.js?ver=4.3.1
-http://zzhandler.com/blog/wp-content/themes/autofocuslite-2/js/supersubs.js?ver=4.3.1
-http://zzhandler.com/blog/wp-content/themes/autofocuslite-2/js/jquery.imgCenter.minified.js?ver=6.0
-http://zzhandler.com/blog/wp-content/themes/autofocuslite-2/js/js.autofocus.js?ver=2.0
-http://zzhandler.com/blog/wp-content/plugins/wp-jquery-lightbox/jquery.lightbox.min.js?ver=1.3.4.1

1KB (49% compression) could be saved on the analysed URL by minifying the javascript files.
The browser cache have not set correctly for all elements.

Image Optimisation: 43KB (7% compression) can be saved by optimising images.

If so many things on a website go wrong by just building it, the security situation might be likewise under par

polonus (volunteer website security analyst and website error-hunter)