What is wrong on this site? Trojan.HTML.Redirector.AW

See: http://quttera.com/detailed_report/powercreationsco.com nothing
Sucuri finds an issue with outdated WP: WordPress theme: http://powercreationsco.com/wp-content/themes/Opal/
Wordpress internal path: /home/powercre/public_html/wp-content/themes/Opal/index.php
WordPress version outdated: Upgrade required.
https://www.virustotal.com/file/7d178449e72b1593120b65cdc40c2b31f09b81c9ef4c0620cb806ca43e96bb9f/analysis/
for all.js
info: [decodingLevel=0] found JavaScript
error: undefined variable jQuery
error: undefined variable $.browser
error: line:1: SyntaxError: missing ; before statement:
error: line:1: var $.browser = 1;
error: line:1: …^
Get a 404 The requested URL /wp-includes/js/jquery/undefined was not found on this server…
Reported to virus AT avast dot com

polonus

The following site had similar issues, but apparently has been cleansed now according to Sucuri and urlquery.net reports:
http://quttera.com/detailed_report/healthynutritionsite.com

pol

Hi Polonus,

I found nothing in the main HTML file, and scanning on VirusTotal, I get:
https://www.virustotal.com/file/2d47fc47856fe541dc976eba5e74e83f348b4995cb878f077580f204e37abd6c/analysis/1354460518/

So it looks like the first site was cleansed as well,
~!Donovan

On the first site I now get a fatal error: Fatal error: Call to undefined function get_header() in /home/powercre/public_html/wp-content/themes/Opal/index.php on line 1
Unable to properly scan your site. Site returning error (40x): HTTP/1.1 404 Not Found
And first site may be cleansed, but still stays vulnerable…
Web application version:
WordPress version: WordPress
Wordpress version from source: 3.3.1
Wordpress Version 3.3.2 based on: htxp://powercreationsco.com/wp-admin/js/common.js
WordPress directory: htxp://powercreationsco.com/wp-content
WordPress theme: htxp://powercreationsco.com/wp-content/themes/Opal/
Wordpress internal path: /home/powercre/public_html/wp-content/themes/Opal/index.php
WordPress version outdated: Upgrade required…

polonus

Indeed, as the latest wordpress version is 3.4.2 as seen here: http://wordpress.org/download/

~!Donovan

Older versions of wp-admin/js/common.js could be vulnerable to attacks. Remember the former versions were vulnerable towards XSS attacks… For 3.2.2. this summons up to:

* Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances. * Cross-site scripting vulnerability when making URLs clickable. * Cross-site scripting vulnerabilities in redirects after posting comments in older browsers, and when filtering URLs.
Info from http://codex.wordpress.org/Version_3.3.2 Codex

If website owners/admins won’t upgrade WP, someone will come “to rattle their website software-doors” sooner or later…

polonus