Extensive tracking and privacy risks on website...

Word Press CMS seems correctly installed.
Over average security but recommendations for x-frame options header: https://observatory.mozilla.org/analyze.html?host=scoreherohackweb.wordpress.com General D-grade score status.
SRI hashes not being generated, but all scripts loaded over https

Retirable jQuery library detected: http://retire.insecurity.today/#!/scan/902d56cb8a4777b032c88f671a82e2307287be14bd30f879e872f9af37fe4ce4

Privavcy issues: https://privacyscore.org/site/34026/ (vuln. to Sweet32 and Lucky13 attacks).

Sources and sinks found: http://www.domxssscanner.com/scan?url=https%3A%2F%2Fscoreherohackweb.wordpress.com

polonus (volunteer website security analyst and website error-hunter)

Error in this retirable code: -https://s2.wp.com/_static/??/wp-content/js/jquery/jquery.autoresize.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1479964158j

found JavaScript error: undefined function $ error: undefined variable $(copy) error: line:1: SyntaxError: missing ; before statement: error: line:1: var $(copy) = 1; error: line:1: ....^

polonus