See:
https://www.yandex.com/infected?url=buwiwm.edu.pl&l10n=en&redircnt=1435236623.1See:
https://www.virustotal.com/en-gb/url/ce00218d98d0359c7385b1223e8ae08949ff9f65c284f24cf9e32bd77a632aac/analysis/1435236506/and
https://www.virustotal.com/en-gb/file/f58331c90d980b1280654df0c96c0f6d832edc89367d746855dd2c8eb3903728/analysis/1435186464/Site Potentially Harmful.
WP CMS Analysis: WordPress Version
4.2.2
Version is current
Found in META Generator Tag
Plug-ins some need updating:WordPress Plugins
The following plugins were detected by reading the HTML source of the WordPress sites front page.
wp-accessibility 1.4.0 latest release (1.4.1) Update required
htxp://www.joedolson.com/wp-accessibility/
menu-image 2.5 latest release (2.5)
htxp://html-and-cms.com/plugins/menu-image/
wordpress-seo 2.1.1 latest release (2.2.1) Update required
htxps://yoast.com/wordpress/plugins/seo/
Plugins are a source of many security vulnerabilities within WordPress installations, always keep them updated to the latest version available and check the developers plugin page for information about security related updates and fixes.
BUWIWM 1.0 vulnerable to Theme-editing exploit!
While plugins get a lot of attention when it comes to security vulnerabilities, themes are another source of security vulnerabilities within WordPress installations, always keep them updated to the latest version available and check the developers theme page for information about security related updates and fixes.
Warning User Enumeration is possible
The first two user ID's were tested to determine if user enumeration is possible.
User ID 1 : admin
User ID 2 : tomasz
-/jquery.scrollto.min.js?ver=1.4.5-beta also vulnerable to potential jQuery-based injection
could be mitigated inside a browser using NoScript script blocking protection!
polonus (volunteer website security analyst and website error-hunter)
