Sucuri misses the WP vulnerabilities here?

See: https://sitecheck.sucuri.net/results/rainwaterzone.com
Quttera’s also: http://quttera.com/detailed_report/rainwaterzone.com
IP malware history: https://www.virustotal.com/nl/ip-address/204.152.255.2/information/
http://www.liveipmap.com/204.152.255.2
WP theme: Blue Mix 4.01htxp://heatmaptheme.com
Warning User Enumeration is possible
The first two user ID’s were tested to determine if user enumeration is possible.

User ID 1 : admin
User ID 2 : None

Warning Directory Indexing Enabled
In the test we attempted to list the directory contents of the uploads and plugins folders to determine if Directory Indexing is enabled. This is an information leakage vulnerability that can reveal sensitive information regarding your site configuration or content.

/wp-content/uploads/ enabled
/wp-content/plugins/ disabled

Detected: http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en http www.google.com /coop/cse/brand n/a form=cse-search-box&lang=en 2015-07-06 17:56:40
http://pagead2.googlesyndication.com/pagead/show_ads.js http pagead2.googlesyndication.com /pagead/show_ads.js n/a 2015-07-06 17:56:40

polonus