Website with serious CMS risks.

See: https://sitecheck.sucuri.net/results/riotel.co
ISSUE DETECTED DEFINITION VULNERABLE HEADER
Outdated WordPress Found Security Updates WordPress Under 4.2
Outdated RevSlider Found. Serious risk Security Vulnerability Under 4.1.4 *

Extensive browser header info proliferation: Server: nginx/1.8.0

WP plug-ins

  • wp125
  • wp-pagenavi
  • Yoast SEO Plugin
  • revslider *

Word-Press Theme : u-design → exploitable? http://itpixie.com/2012/06/wordpress-exploit-alert-uploadify-php/

Warning: User Enumeration is possible

List of Javascript included:
-http://riotel.co/wp-includes/js/jquery/jquery.js?ver=1.11.1
-http://riotel.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
-http://riotel.co/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?ver=4.1.4
-http://riotel.co/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=4.1.4
-http://riotel.co/wp-content/themes/u-design/sliders/cycle/jquery.cycle.all.min.js?ver=3.0.3
-http://riotel.co/wp-content/themes/u-design/sliders/cycle/jquery.easing.1.3.js?ver=1.3
-http://riotel.co/wp-content/themes/u-design/sliders/cycle/cycle3/cycle3_script.js?ver=1.0.1
-http://riotel.co/wp-content/themes/u-design/scripts/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.5
-http://riotel.co/wp-content/themes/u-design/scripts/prettyPhoto/custom_params.js?ver=3.1.5
-http://riotel.co/wp-content/themes/u-design/scripts/superfish-menu/js/superfish.combined.js?ver=1.7.2
-http://riotel.co/wp-content/themes/u-design/scripts/script.js?ver=1.0
-js_composer

Encryption (HTTPS) (1)
Communication is NOT encrypted
http://riotel.co links to the following External Domains:
==>altea.websitewelcome.com

Website is at risk, confirmed here: http://toolbar.netcraft.com/site_report?url=http://riotel.co

178 websites on one and the same IP: https://www.virustotal.com/nl/ip-address/192.185.175.95/information/

Look out for file modifications like in:
-functions.php
-/framework/theme-functions.php
-/framework/extended/tgm-plugin-activation/class-tgm-plugin-activation.php
-framework/site-options.php
-js/custom-main.js

polonus