Website cleansed SE visitor's redirects but has vulnerable CMS!

Re: WordPress Version
4.5
Version does not appear to be latest 4.5.1 - update now.

The following plugins were detected by reading the HTML source of the WordPress sites front page.

cafepress-widget latest release (1.0.5)
SocialShare latest release (1.0)
wysija-newsletters latest release (2.7.1)
http://www.mailpoet.com/
Plugins are a source of many security vulnerabilities within WordPress installations, always keep them updated to the latest version available and check the developers plugin page for information about security related updates and fixes.

Low F-Status here: https://securityheaders.io/?q=http%3A%2F%2Fwww.mutagenize.us

SRI test OK: https://sritest.io/#report/258466c0-4e8e-453f-8d39-d7a9f5b119f7

The address you entered is unnecessarily exposing the following response headers which divulge its choice of web platform:

Server: nginx/1.10.0
Configuring the application to not return unnecessary headers keeps this information silent and makes it significantly more difficult to identify the underlying frameworks

Nameserver is DROWn vuln.: https://test.drownattack.com/?site=ns6443.hostgator.com
http://toolbar.netcraft.com/site_report?url=https://gator3222.hostgator.com
and hostgator is COMODO certified. Intermediate Certificate Tested Certificate.

pol