Site was previously hacked and defaced and now recovered. See DOM/XSS scan results: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fvipw.in
WordPress CMS seems OK, but there is a SRI hash missing for this code: Missing SRI hash
That particular code also was detected at code that should be retired: -http://vipw.in
Detected libraries:
jquery - 1.11.1 : (active1) -http://code.jquery.com/jquery-latest.min.js
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
jquery-migrate - 1.2.1 : -http://vipw.in/wp-includes/js/jquery/jquery-migrate.min.js
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
jquery.prettyPhoto - 3.1.4 : (active1) -http://vipw.in/wp-content/themes/kingdom/scripts/frontend/jquery.prettyPhoto.js
Info: Severity: high
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6837&cid=3
Info: Severity: high
https://github.com/scaron/prettyphoto/issues/149
https://blog.anantshri.info/forgotten_disclosure_dom_xss_prettyphoto
(active) - the library was also found to be active by running code
3 vulnerable libraries detected

This website is insecure.
90% of the trackers on this site could be protecting you from NSA snooping. Tell vipw.in to fix it.

Identifiers | All Trackers
Insecure Identifiers
Unique IDs about your web browsing habits have been insecurely sent to third parties.

82=n0_pglp18svxxxxxxxr3qcaw-agsuj39zjnxe_yk2c3rmrusghqguugtwp70jb9jg0ljrot296hmja5rovvrdevz6gblyq6fi19cyd–jggusv5lgbuikjsibktoqa1thpskuhlzregs3_-k maps.google.com nid

15 Content requests were being performed. http://toolbar.netcraft.com/site_report?url=http://vipw.in Hosted by GoDaddy on secureserver dot net with questionable web rep.

polonus (volunteer website security analyst and website error-hunter)