See: http://killmalware.com/bus.swierk.pl/# (5 hours ago).
No vulnerable libraries found an sich, checked: -http://bus.swierk.pl/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
VT does not flag: https://www.virustotal.com/en/url/974299c71e8ea6314b1d5864d11193d7cfc2b2d46e3dfa0fd38cd68b7a560761/analysis/
Nothing here: https://urlquery.net/report.php?id=1456761332079
WordPress Plugins
The following plugins were detected by reading the HTML source of the WordPress sites front page.
shortcodes-ultimate latest release (4.9.9)
http://gndev.info/shortcodes-ultimate/
wp-google-maps latest release (6.3.05)
http://www.wpgmaps.com
contact-form-7 4.3.1 latest release (4.4) Update required
http://contactform7.com/
LayerSlider
Warning User Enumeration is possible :
The first two user ID’s were tested to determine if user enumeration is possible.
ID User Login
1 None e-nomis
2 None swierk
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. However it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.
External link, see: http://toolbar.netcraft.com/site_report?url=http://js.zolotceulya.info
Sucuri detects the malware as known javascript malware. Details: http://sucuri.net/malware/entry/mw:js:gen2?web.js.injection.megaadvertize.001 6 instances of it. Read: https://wordpress.org/support/topic/malware-javascript-code-injected
Consider also: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fbus.swierk.pl%2Findex.php%2Foferta%2F
landing at: -http://bus.swierk.pl/wp-content/plugins/LayerSlider/static/js/greensock.js?ver=1.11.8
B-status here: https://sritest.io/#report/a64bd99c-a7e2-4f73-ad77-3815caec40d2
polonus
