Good Morning, We have an issue we were made aware of when a client was accessing our website www.springo.io, the error generated by Avast Free edition was
Threat Blocked
We’ve safely aborted connection on www.springo.io because it was infected wit Script:SNH-I-gen [Trj].
What is the best way of us approaching avast to get more information on this please?
We would like to ensure our site is not infected and is not pulling up false positives
Many Thanks
Seems your Word Press website CMS has 4 issues to look into.
Two plug-ins to update a.s.a.p.: elementor 3.1.4 Warning latest release (3.2.4)
https://elementor.com/
wordpress-seo 16.3 Warning latest release (16.4)
https://yoa.st/1uj
Configuration settings wrong: User Enumeration
The first two user ID’s were tested to determine if user enumeration is possible.
Username Name
ID: 1 springo springo
ID: 2 mike Mike Garcia
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. Take note that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.
Website connection insecure by default: At least 10 third parties know you are on this webpage.
-Google
-www.springo.io
- www.googletagmanager.com
-springo.io
-Google
-js.hscollectedforms.net
-js.usemessages.com
-js.hs-banner.com
-js.hs-analytics.net
-shaaaaaaaaaaaaa.com -shaaaaaaaaaaaaa.com
-https://js.hs-analytics.net/analytics/1621104000000/7781906.js is ad-blocked for me in the browser.
polonus
Thankyou for this info and thankyou for responding so quickly
Very helpful