See: https://www.virustotal.com/en/url/d2956f8be1c1c6f2e92edfed1894776e77caae3ccf89fb1a8d059fb45a7e4204/analysis/1455123601/
See where nothing is being detected: https://sitecheck.sucuri.net/results/westminsterva.dreamhosters.com
Web application version:
WordPress version: WordPress
WordPress theme: -http://westminsterva.org/wp-content/themes/Divi-4/
Wordpress internal path: /home/wespre/westminsterva.org/wp-content/themes/Divi-4/index.php
WordPress Version
.6.1
Version does not appear to be latest 4.4.2 - update now.
Plug-in insecurity: The following plugins were detected by reading the HTML source of the WordPress sites front page.
jetpack 3.9.1 latest release (3.9.1)
http://jetpack.me
shortcode-toggle latest release (1.0.9)
http://www.arefly.com/shortcode-toggle/
all-in-one-event-calendar 2.3.8 latest release (2.3.8)
http://time.ly/
monarch
wp-google-maps latest release (6.3.05)
http://www.wpgmaps.com
contact-form-7 4.3.1 latest release (4.3.1)
http://contactform7.com/
iQuery library code to be retired: -http://westminsterva.dreamhosters.com/
Detected libraries:
jquery-migrate - 1.2.1 : -http://westminsterva.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=5347aafc54ee525568756fd89d01173d
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
1 vulnerable library detected
29 unsafe/30 tags detected: https://sritest.io/#report/66d665ab-06aa-40a2-94d3-0f5766f4ad48
that is why we should reckon with the vulnerabilities found up here (sources and sinks):
http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwestminsterva.dreamhosters.com%2F
Also consider website risk status here: http://toolbar.netcraft.com/site_report?url=http://westminsterva.dreamhosters.com
polonus (volunteer website security analyst and website error-hunter)