This pops up with a litany of errors, every time I try to go to my client’s site.
Threat: HTML:Script-Inf(Susp)
URL: htxp://totalcaredental.com
Detected by Web Shield
I am trying to ascertain what might be the issue (if it’s something in the wordpress plugin, Elementor, as a ton of pieces of it crop up the same way, but different sets of malarkey).
I didn’t cross post or copy the file to post to VT, I just did a bog standard scan in VT and Securi (which I mentioned was the clincher).
I made an assumption (I know) yours was somehow linked to the original URL I had scanned.
Your WP CMS seems OK, exept for dethemekit-for-elementor Unknown latest release (2.0.2)
-https://vastthemes.com
. Website may be infested with a generic trojan, bank-malware, spyware, ransomware, infostealer, Remote Access Trojan, cryptocurrency-miner. It secretely makes changes to the Windows registry.
Missing Content-Security-Policy directive. We recommend to add the following CSP directives (you can use default-src if all values are the same): script-src, object-src, base-uri, frame-src
Leaked PHP version. Your site is displaying your PHP version in the HTTP headers. Please set expose_php = Off.
But wait for a final verdict from avast’s.
polonus (volunteer 3rd party cold recon website-security analyst and website error-hunter)