Potentially Suspicious Content Detected On This Website!

polonus · 2015-07-01T20:21:19.000Z

Re: /wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=4.2.2
Severity: Potentially Suspicious
Reason: Suspicious JavaScript code injection.
Details: Procedure: + has been called with a string containing hidden JavaScript code .
Threat dump: Not available - htxp://wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=4.2.2Severity:Potentially%20SuspiciousReason:Suspicious%20JavaScript%20code%20injection.Details:Procedure:%20+%20has%20been%20called%20with%20a%20string%20containing%20hidden%20JavaScript%20code%20%3Cscript%3E%20videojs.options.flash.swf%20=
Threat dump MD5: 8A740BDDFAA9DF9EE701AD8A60BACD92
File size[byte]: 69896
File type: ASCII
Page/File MD5: C82E21D8A47592705D7932473706BF05
Scan duration[sec]: 3.995000
Re: https://sitecheck.sucuri.net/results/www.nixtel.re
Contact form 7 exploit vulnerability. Security Bypass. Bitdefender TrafficLight flags: https://www.virustotal.com/en-gb/url/09cc7000ffd30ba25c649f63d39b7f49447b98b98d1959dec36d6d7761c386cd/analysis/1435781201/

Re: http://www.dnsinspect.com/nixtel.re/1435781277

ISSUE DETECTED DEFINITION VULNERABLE HEADER
Outdated Web Server Apache Found Vulnerabilities on Apache 2.2 Apache/2.2.22

PHP vulnerable to bypass/exploit → http://security.stackexchange.com/questions/17407/how-can-i-use-this-path-bypass-exploit-local-file-inclusion. Peculiarities in PHP’s handling of file paths enable all sorts of subtle attacks on vulnerabilities that otherwise would appear unexploitable. For cold reconnaissance website analysts, these attack techniques may be worth knowing about.

polonus (volunteer website security analyst and website error-hunter)

polonus · 2015-07-01T20:43:45.000Z

Getting a closer look on the WP content -
The following plugins were detected by reading the HTML source of the WordPress sites front page.

autoptimize 1.9.4 latest release (1.9.4)
http://blog.futtta.be/autoptimize
revslider
punchstrap
online-leaf latest release (1.1)
http://www.onlineleaf.com/
contact-form-7 4.2.1 latest release (4.2.1)
http://contactform7.com/
showbiz

Goodweb - One 1.1http://themeforest.net/user/themepunch
While plugins get a lot of attention when it comes to security vulnerabilities, themes are another source of security vulnerabilities within WordPress installations, always keep them updated to the latest version available and check the developers theme page for information about security related updates and fixes.

Warning User Enumeration is possible
The first two user ID’s were tested to determine if user enumeration is possible.

User ID 1 : thomas
User ID 2 : userololo

WordPress Version
4.2.2
Version is current
Found in META Generator Tag

polonus

Announcements