Website recovered from malware incident, but still vulnerable!

See: http://maldb.com/joywilson.ca/
See: http://sitecheck.sucuri.net/results/joywilson.ca/
Why still vulnerable CMS outdated: Wordpress internal path: /home/pole/public_html/joywilson.ca/wp-content/themes/ward/index.php
WordPress version outdated: Upgrade required.
PHISHING IP now dead: http://support.clean-mx.de/clean-mx/phishing.php?id=3394481
code hick-ups: http://jsunpack.jeek.org/?report=143be46c82de22ad4a0d7e6867464b48cedb5ac3
Web server software may be vulnerable to Effusion malware via 8080/tcp open http!
Excessive header info spread to the globe and attackers and site vulnerable to clickjacking.
Bericht zu Seite: http://saferpage.de/joywilson.cahttp://urlquery.net/report.php?id=8912179
Given clean here: http://urlquery.net/report.php?id=8912179
Virus Tracker classification: wXw.joywilson.ca,108.162.199.172,Multiple IPs,
Issues on same IP for other domain: http://urlquery.net/report.php?id=8905569
Virus Tracker classification = teentalk dot us,108.162.198.172,eva.ns.cloudflare dot com,Multiple IPs,
Malware history for IP: https://www.virustotal.com/nl/ip-address/108.162.199.172/information/
191 websites on one and the same IP: http://sameid.net/ip/108.162.199.172/

polonus