Use of jQuery migrate plug-in could have produced earlier problems here.

See: https://github.com/jquery/jquery-migrate/issues/36
Where it was flagged: -http://nudepatch.net/ (website given clean now, but blocked 9 days ago)

Detected libraries:
jquery-migrate - 1.2.1 : -http://nudepatch.net/wp-includes/js/jquery/jquery-migrate.min.js
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
1 vulnerable library detected

See: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fnudepatch.net%2Fwp-includes%2Fjs%2Fjquery%2Fjquery-migrate.min.js

External script that often is blocked for users with adblocking: Missing SRI hash

WordPress seems secure.

polonus

Another example of this and why the www variety of the site was taken down.
Re: http://toolbar.netcraft.com/site_report?url=http://wide-netzwerk.at
Joomla Version
3.4
Version does not appear to be latest 3.4.8 - update now.
And the same plug-in at the culprit of this, this code is insecure folks:
-http://www.wide-netzwerk.at/
Detected libraries:
jquery-migrate - 1.2.1 : -http://www.wide-netzwerk.at/media/jui/js/jquery-migrate.min.js
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
swfobject - 2.1 : -http://www.wide-netzwerk.at/plugins/content/multithumb/shadowbox/shadowbox.js
jquery - 1.11.2 : (active1) -http://www.wide-netzwerk.at/media/jui/js/jquery.min.js
(active) - the library was also found to be active by running code
1 vulnerable library detected

This website is insecure.
25% of the trackers on this site could be protecting you from NSA snooping. Tell wide-netzwerk.at to fix it.
Insecure Identifiers
Unique IDs about your web browsing habits have been insecurely sent to third parties.

d5fb79cb40xxxxxxxxx42d9651ae2ac1a1445965753
All trackers: webpage -Google -www.wide-netzwerk.at -www.wide-netzwerk.at -ssl.google-analytics.com

polonus (volunteer website security analyst and website error-hunter_

@ all here that take an interest in the subject,

In the light of all this I encourage you to read this article from Infosec Institute: http://resources.infosecinstitute.com/safely-and-wisely-use-jquery/
Also read here: https://www.securityinnovation.com/training/application-security/computer-based/courses/secure-coding/creating-secure-jquery-code.html
Know how to mitigate retirable code - scan at http://retire.insecurity.today/#
and live up to what has been put forward by the jQuery Foundation Committee, read: https://jquery.org/conduct/enforcement-manual/
My good friends, let us all appreaceate fine code with security at heart.

polonus (volunteer website security analyst and website error-hunter)