See: https://www.virustotal.com/nl/url/7c741d120b97728c1578ae2fe6a0494c53292fdff9d8fdc2df654cca21d1c3dd/analysis/1421937397/
Web application version:
WordPress version: WordPress
Wordpress Version 3.8 for: htxp://brenttauntonjoinery.co.uk/wp-includes/js/wp-ajax-response.js
All in One SEO Pack version: 2.2.4.2
WordPress theme: htxp://brenttauntonjoinery.co.uk/wp-content/themes/headway-2014/
Wordpress internal path: /home3/rainster/public_html/brenttauntonjoinery.co.uk/wp-content/themes/headway-2014/index.php
Exploit: http://www.exploit-db.com/exploits/25137/ → http://blog.sucuri.net/2013/04/update-wp-super-cache-and-w3tc-immediately-remote-code-execution-vulnerability-disclosed.html
What IP there holds: https://www.virustotal.com/nl/ip-address/192.185.21.14/information/ -? Win32:Parite also Worm.Win32.AutoRun.Abt

mail servers with inconsistent reverse DNS entries - SOA issues → http://www.dnsinspect.com/brenttauntonjoinery.co.uk/1421937835
See: http://fetch.scritch.org/%2Bfetch/?url=http%3A%2F%2Fbrenttauntonjoinery.co.uk&useragent=Fetch+useragent&accept_encoding=
See: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fbrenttauntonjoinery.co.uk%2Fxmlrpc.php
Re: https://code.google.com/p/domxsswiki/wiki/TheReferrerSource
Plug-in abusable?
Also exploitable? http://www.exploit-db.com/exploits/24530/ & http://1337day.com/exploit/20318

polonus