CMS problems on site that was earlier defaced 5 days ago!

See: http://killmalware.com/molpred35.ru/#


<title>hacked by people_hurt</title><center><div id=q>Indonesian Cyber Freedom
<font size=2>dEnny_Attacker | Mr.DellatioNx196 | SvN_NeVerMore | Ardana_ID | Achan Dot ID | CaptSalkus48 | Mr.HaurgeulisX196 | SengkeL | Railver6 | people_hurt | Wall-e83 | TOGEL3739 | Hit Gir'l | Ghost99 | Zomb0x | rona404 | Xpecto | ./Dawn_angel | nG0xz | Fathur.xZ | aAn | Bangka_Boys <style>body{overflow:hidden;background-color:black}#q{font:40px impact;color:white;position:absolute;left:0;right:0;top:43%}

Word Press → WordPress Version
4.1.5
Version does not appear to be latest 4.2.2 - update now.
WordPress Plugins
The following plugins were detected by reading the HTML source of the WordPress sites front page.

wp-postratings 1.80 latest release (1.81) Update required
http://lesterchan.net/portfolio/programming/php/
cd-bp-avatar-bubble 2.5.1 latest release (2.5.1)
http://cosydale.com/plugin-cd-avatar-bubble.html
wp-user-frontend latest release (2.3.6)
https://wordpress.org/plugins/wp-user-frontend/
buddypress-media 3.7.33 latest release (3.8.9) Update required
http://rtcamp.com/rtmedia/
wp-polls 2.68 latest release (2.69) Update required
http://lesterchan.net/portfolio/programming/php/
buddypress-global-search 1.0.6 latest release (1.1.0) Update required
http://www.buddyboss.com/product/buddypress-global-search/
nextgen-gallery latest release (2.1.0)
http://www.nextgen-gallery.com
cubepoints-buddypress-integration 1.9.8.9 latest release (1.9.8.9)
http://wordpress.org/extend/plugins/cubepoints-buddypress-integration/
wordpress-seo 1.7.4 latest release (2.2.1) Update required
https://yoast.com/wordpress/plugins/seo/
bbpress 2.5.4 latest release (2.5.8) Update required
http://bbpress.org
buddypress 2.2.1 latest release (2.3.2.1) Update required
https://buddypress.org/
contact-form-7 4.1 latest release (4.2.1) Update required
http://contactform7.com/
leaflet-maps-marker latest release (3.9.9)
https://www.mapsmarker.com

WordPress Theme
The theme has been found by examining the path /wp-content/themes/ theme name /

molpred 1.0
http://zelenin.me

Compromised sites will often contain embedded iframes that can also deliver malicious code to visitors of the web site. Check any discovered iframes and ensure they are legitimate.

-http://vk.com/video_ext.php?oid=-39311742&id=167609963&hash=44eccbe7bd54e946&hd=1
//www.youtube.com/embed/MjwWeWlFwS4

Vulnerabilities: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fmolpred35.ru
e.g.: Results from scanning URL: http://molpred35.ru/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.2
Number of sources found: 84
Number of sinks found: 29
Vulnerable libraries detected: http://retire.insecurity.today/#!/scan/8a2826d1f54e702c5f420e9ab696cc4226d4e1d3227e63ebc42a8328d5ea25ff
http://bugs.jquery.com/ticket/11290

Please get this website more secure :stuck_out_tongue:
See report here: http://www.kiwiseo.com//molpred35.ru/

polonus (volunteer website security analyst and website error-hunter)

For those that haven’t got this, I sketched the previous infested situation here. The killmalware scan now is all green, but the apparent vulnerabilities on the website remained. That is all that I wanted to post.

pol