Website with unknown_html malware, vulnerable to PHP object injection.

Viruses and worms
1

Re: https://www.virustotal.com/nl/url/77be0100fa17be4f84dc215956782ed94d57ee8a93fc04f8eef3458a3407b935/analysis/1436988213/ Bitdefender TrafficLight to detect.

Three malicious files detected by Quttera’s:
-jeistructural.com/wp-content/themes/creativo/js/jquery.prettyphoto.js?ver=4.1.5
Severity: Malicious
Reason: Detected reference to blacklisted domain
Details: Detected reference to malicious blacklisted domain -jeistructural.com
File size[byte]: 35739
File type: HTML
Page/File MD5: 18E5445F97BC22837848769BE4DE8CB9
Scan duration[sec]: 0.129000

/index.html
Severity: Malicious
Reason: Detected reference to blacklisted domain
Details: Detected reference to malicious blacklisted domain -jeistructural.com
File size[byte]: 50127
File type: HTML
Page/File MD5: EA185C30A96F32A604FFE93CC1CB6E65
Scan duration[sec]: 0.209000
/#
Severity: Malicious
Reason: Detected reference to blacklisted domain
Details: Detected reference to malicious blacklisted domain -jeistructural.com
File size[byte]: 50127
File type: HTML
Page/File MD5: EA185C30A96F32A604FFE93CC1CB6E65
Scan duration[sec]: 0.109000

Suspicious file: index
Severity: Suspicious
Detected suspicious redirection to external web resources at HTTP level-
Details: Detected HTTP redirection to htxp://www.jeistructural.com/services.
File size[byte]: 0
File type: Unknown
Page/File MD5: 00000000000000000000000000000000
Scan duration[sec]: 0.001000

WordPress version outdated: Upgrade required.
Outdated WordPress Found: WordPress Under 4.2

PHP Object injection vulnerability: https://www.owasp.org/index.php/PHP_Object_Injection

 <HTML> <HEAD> <TITLE>404-not found</TITLE> </HEAD><BODY> <H1> Error occurred: 404 - not found</H1><HR><ADDRESS> Apache Server at: d1045206-6876.localhost</ADDRESS></BODY> </HTML>

Results from scanning URL: htx://blastloadengineering.com
Number of sources found: 4
Number of sinks found: 105

Results from scanning URL: htxp://jeistructural.com/wp-includes/js/jquery/jquery.js?ver=1.11.1
Number of sources found: 14
Number of sinks found: 11

Results from scanning URL: htxp://jeistructural.com/wp-content/themes/creativo/js/modernizr.min.js?ver=4.1.5
Number of sources found: 7
Number of sinks found: 7

Results from scanning URL: htxp://jeistructural.com/wp-content/plugins/easy-twitter-feed-widget/lib/js/widget-easy-twitter-feed-widget.js?ver=1.0
Number of sources found: 13
Number of sinks found: 32

Results from scanning URL: htxp://jeistructural.com/wp-content/themes/creativo/builder/js_composer/assets/js/js_composer_front.js?ver=3.7.3
Number of sources found: 6
Number of sinks found: 6

polonus (volunteer website security analyst and website error-hunter)