Topic: What unknown threat on this website?

Author: polonus (Avast Überevangelist, malware fighter)
What unknown threat on this website?
« on: July 21, 2016, 12:36:32 AM »
Unknown html: http://minotr.net/detail?md5=75a5b50b50565275c1547afd564e1025
See strings dump - static mode - and JSUNPACK active Mode, fetching 7 new URLs
   fetching URL (script) wXw.solar-stuttgart.com
Quote
fetch_ddbaca6c9c625beb5e018af6626fc12fea0d889e
      info: [decodingLevel=0] found JavaScript
      file: fetch_ddbaca6c9c625beb5e018af6626fc12fea0d889e: 1403 bytes

      info: [decodingLevel=0] found JavaScript

Google safe browse check
WARNING
Google finds the site to be potentially dangerous.

WordPress:

Warning User Enumeration is possible
The first two user IDs were tested to determine if user enumeration is possible.

ID   User   Login
1    None   admin
2           None
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring, as this will reduce the chance of automated password attackers gaining access. However, it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

Linked sites
Externally Linked Host        Hosting Provider        Country   Rating
-www.solarplus-stuttgart.de   Vautron Serverhousing   Germany   given green
-www.solar-stuttgart.com      ISP4P IT Services       Germany   given red

Retirable jQuery: -http://solar-stuttgart.com/
Detected libraries:
jquery-migrate - 1.1.1 : -http://www.solar-stuttgart.com/wp-content/themes/ph/jquery-migrate-1.1.1.js?ver=4.5.3
Info: Severity: medium
http://blog.jquery.com/2013/05/01/jquery-migrate-1-2-0-released/
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
jquery - 1.9.1 : (active1) http://www.solar-stuttgart.com/wp-content/themes/ph/jquery.js?ver=4.5.3
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
(active) - the library was also found to be active by running code
4 vulnerable libraries detected

A-Status here: https://sritest.io/#report/48b51951-8033-4146-a1e6-8eb908f940ff

Scanner output: Server: Apache/2.2.16 (Debian)
X-Powered-By: PHP/5.3.3-7+squeeze19
IP Address: 85.93.21.131   *
Provider: ISP4P IT Services
Country: Germany

Cloaking There is a difference of 2739 bytes between the version of the page you serve to Chrome and the version you serve to GoogleBot. This probably means some code is running on your site that's trying to hide from browsers but make Google think there's something else on the page.
See: http://isithacked.com/check/http%3A%2F%2Fwww.solar-stuttgart.com
Blacklisted for an infection with malware.

* On that IP: https://www.threatminer.org/host.php?q=85.93.21.131  (rather informative)

polonus (volunteer website security analyst and website error-hunter)
« Last Edit: July 21, 2016, 12:40:25 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
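The cloaking check quoted in the post (a page that serves different content to a browser than to Googlebot) can be reproduced locally with the script below. This is an added example, not part of polonus's post or of any scanner cited there; the User-Agent strings and the sample pages are constructed, and the URL is supplied by whoever runs it.

```python
"""Added example: detect User-Agent based cloaking by fetching a page twice."""
import difflib
import sys
import urllib.request

# Constructed User-Agent strings (assumption: a common browser UA and the
# public Googlebot UA are what a cloaking script keys on).
BROWSER_UA = ("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 "
              "Chrome/51.0 Safari/537.36")
GOOGLEBOT_UA = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"


def fetch(url, user_agent, timeout=15):
    """Return the raw body served for `url` when requested with `user_agent`."""
    req = urllib.request.Request(url, headers={"User-Agent": user_agent})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.read()


def compare_variants(browser_body, bot_body, threshold=0):
    """Compare the browser and crawler versions of one page.

    Returns the byte delta (what isithacked.com reports), a cloaking flag
    (delta beyond `threshold`) and the lines that appear only in the crawler
    version, i.e. content visitors never see but search engines index.
    """
    browser_lines = browser_body.decode("utf-8", "replace").splitlines()
    bot_lines = bot_body.decode("utf-8", "replace").splitlines()
    # ndiff marks lines present only in the second sequence with "+ ".
    bot_only = [d[2:] for d in difflib.ndiff(browser_lines, bot_lines)
                if d.startswith("+ ")]
    delta = len(bot_body) - len(browser_body)
    return {"byte_delta": delta, "cloaked": abs(delta) > threshold,
            "bot_only_lines": bot_only}


def check_cloaking(url, threshold=0):
    """Fetch `url` as a browser and as Googlebot and compare the two bodies."""
    return compare_variants(fetch(url, BROWSER_UA), fetch(url, GOOGLEBOT_UA),
                            threshold)


# Constructed sample: the crawler variant carries one extra hidden paragraph.
SAMPLE_BROWSER = b"<html><body>\n<h1>Solar</h1>\n</body></html>\n"
SAMPLE_BOT = b"<html><body>\n<h1>Solar</h1>\n<p>hidden</p>\n</body></html>\n"


def demo():
    """Run the comparison on the constructed sample (no network needed)."""
    return compare_variants(SAMPLE_BROWSER, SAMPLE_BOT)


if __name__ == "__main__":
    print(check_cloaking(sys.argv[1]) if len(sys.argv) > 1 else demo())
```

Pass a URL as the only argument to compare a live page; a nonzero delta on its own is not proof of cloaking (rotating ads, nonces and session tokens also differ between fetches), so review `bot_only_lines` before drawing a conclusion.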