See: https://www.virustotal.com/nl/url/1b9a725cc7a9595eebb8a043bd9352bbadb4e19da91f7e79a13c5fd46cff920f/analysis/1448471100/
6 files with Severity: Malicious → http://zulu.zscaler.com/submission/show/d6ecba55ee2822ab7ac629e4fc8ec80d-1448471146
Reason: Detected encoded JavaScript code commonly used to hide malicious behaviour.
Details: Detected Malicious JavaScript Injection
Consider: http://auditoriodetenerife.com/wp-content/plugins/gravityforms/change_log.txt
See for malcode view here: -http://www.domxssscanner.com/scan?url=http%3A%2F%2Fryanwheelock.com%2Fwp-content%2Fplugins%2Fgravityforms%2Fjs%2Fjquery.placeholders.2.1.1.min.js%3Fver%3D1.8.9
landing at blocked for me: - http://www.statcounter.com/counter/counter.js
12 suspicious files: Severity: Suspicious
Reason: Detected URL that was generated during page execution.
Details: Procedure [replace] has been called with a string containing hidden URL ‘ai.do’
-http://ryanwheelock.com
Detected libraries:
jquery-migrate - 1.2.1 : -http://ryanwheelock.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
jquery.prettyPhoto - 3.1.5 : -http://ryanwheelock.com/wp-content/themes/salient/js/prettyPhoto.js?ver=4.8.1
Info: Severity: high
https://github.com/scaron/prettyphoto/issues/149
https://blog.anantshri.info/forgotten_disclosure_dom_xss_prettyphoto
2 vulnerable libraries detected
WordPress Version
3.9.9
Version does not appear to be latest 4.3.1 - update now.
The following plugins were detected by reading the HTML source of the WordPress sites front page.
gravityforms malicious…
Warning User Enumeration is possible
polonus (volunteer website security analyst and website error-hunter)