Outdated CMS - nameserver issues and malicious download on website!

See: https://urlquery.net/report.php?id=1434893115120
and https://www.virustotal.com/en-gb/url/951a23ae7368d5d2f148249d9e384884415c6a4b4966f4ce644e403fb0daa147/analysis/#additional-info
Malicious files and potentially supicious file: http://quttera.com/detailed_report/www.doscar.com
References to blacklisted domain.
wp-content/plugins/jquery-updater/js/jquery-2.1.4.min.js?ver=2.1.4
Severity: Potentially Suspicious
Reason: Detected potentially suspicious content.
Details: Detected potentially suspicious initialization of function pointer to JavaScript method eval = eval;
Threat dump: see pop-up on http://quttera.com/detailed_report/www.doscar.com
Threat dump MD5: 6C7172CF508F5403908529F166B9FC6B
File size[byte]: 84345
File type: ASCII
Page/File MD5: F9C7AFD05729F10F55B689F36BB20172
Scan duration[sec]: 2.747000
POC for vulnerable code - sanitised (version specific) allowing the attacker to insert Javascript code. … discovered in the WordPress plugin BackWPup 2.1.4
Outdated WordPress Found Security Updates WordPress Under 4.2

polonus

In the WP analysis the following was foundto be insecure: version 4.01 - Version does not appear to be latest 4.2.2 - update now.
Plug-ins that need to be updated: woocommerce 2.3.8 latest release (2.3.11) Update required
htxp://www.woothemes.com/woocommerce/
siteorigin-panels 2.1.1 latest release (2.1.2) Update required
htxp://siteorigin.com/page-builder/
wordpress-seo 2.1.1 latest release (2.2.1) Update required
htxps://yoast.com/wordpress/plugins/seo/

Theme: Novita 2.4http://newwpthemes.com/novita-free-wordpress-theme/

Warning User Enumeration is possible
The first two user ID’s were tested to determine if user enumeration is possible.

User ID 1 : admin
User ID 2 : gerente Threat - Brute Forece Attacks

For scripts and source code → http://fetch.scritch.org/%2Bfetch/?url=www.doscar.com&useragent=Fetch+useragent&accept_encoding=
& http://vnseo.com/www.doscar.com

Website listed at Spam Cannibal.

pol