Cleansed website still vulnerable?

-http://sandrameijer.nl/
Detected libraries:
jquery-migrate - 1.2.1 : -http://sandrameijer.nl/wp-includes/js/jquery/jquery-migrate.min.js?ver=8ec8bd7160a5b729cae002ed580e36cd
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
jquery - 1.11.3 : (active1)- http://sandrameijer.nl/wp-includes/js/jquery/jquery.js?ver=8ec8bd7160a5b729cae002ed580e36cd
(active) - the library was also found to be active by running code
1 vulnerable library detected

WordPress Plugins
The following plugins were detected by reading the HTML source of the WordPress sites front page.

js_composer
contact-form-7 4.4 latest release (4.4)
http://contactform7.com/
SD-mobile-nav
Plugins are a source of many security vulnerabilities within WordPress installations, always keep them updated to the latest version available and check the developers plugin page for information about security related updates and fixes.

Insecure IDs tracking: 75% of the trackers on this site could be protecting you from NSA snooping. Tell sandrameijer.nl to fix it.

Respectable hoster better should fix these few security issues: http://toolbar.netcraft.com/site_report?url=http://sandrameijer.nl

Re: Stylesheets 1 issues
Tag Result

Missing SRI hash

polonus (volunteer website security analyst and website error-hunter)