See: WordPress Version
4.3.1
Version does not appear to be latest 4.4.2 - update now.WordPress Plugins
The following plugins were detected by reading the HTML source of the WordPress sites front page.
picasa-express-x2 2.2.10 latest release (2.2.10) http://wordpress.org/extend/plugins/picasa-express-x2
ml-slider 3.3.5 latest release (3.3.6) Update required https://www.metaslider.com
siteorigin-panels 2.2.1 latest release (2.3.1) Update required https://siteorigin.com/page-builder/
contact-form-7 4.3.1 latest release (4.4) Update required http://contactform7.com/
Plugins are a source of many security vulnerabilities within WordPress installations, always keep them updated to the latest version available and check the developers plugin page for information about security related updates and fixes.
This all could have led up to this: http://nintechnet.com/malware/?threat=2016-02-09.11
VULNERABILITY None, infected plugins were hosted in the official WordPress Plugin repository (breadcrumbs-ez, enable-google-analytics)
Now we see how important scanning your CMS for security might be…
polonus (volunteer website security analyst and website error-hunter)
To topple that cake off, Steven, as you are so right while the attacker(s) particularly were looking for " jQuery.get('theme-editor.php?file" there to compromise, which is a way to deface and hack uploading script using theme editor → http://wordpress.stackexchange.com/questions/60585/websites-defaced-by-uploading-script-using-theme-editor
This is a completely automated attack, dating back to 2012 - Info credits go to Otto there.
And then there is more code to disssect for XSS dom sources and sinks aka vulnerabilities,
so look here, my good friends:
Hope your ad- and script blockers have that link covered and blocked (ad- and tracking server blocking)
Note that -http://bootstrap.myftp.org comes blocked as malcious by MBAM Home Premium.