Author Topic: Malware on outdated WordPress CMS website with insecurity!  (Read 1040 times)


Offline polonus

Malware on outdated WordPress CMS website with insecurity!
« on: March 24, 2017, 11:45:00 PM »
See: http://urlquery.net/report.php?id=1490360667324
WordPress Version
4.7
Version does not appear to be latest 4.7.3 - update now.

Check outdated? plug-ins: feedburner-form latest release (1.4.2)
http://dianakcury.com/dev/feedburner-form

si-captcha-for-wordpress 3.0.0.6   latest release (3.0.0.8) Update required
https://wordpress.org/plugins/si-captcha-for-wordpress/

Retirable jQuery library: -http://women.in.ua
Detected libraries: jquery - 1.7.1 : -http://women.in.ua/wp-content/themes/2/jquery.js?ver=4.7.3
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/

B-status here: https://sritest.io/#report/f644a489-165c-4544-b56a-df2092d203c0

F-C-F-X- status: http://women.in.ua
Self-signed certificate: https://www.htbridge.com/ssl/?id=c3d182b27b67eb13f16c3ab0958bc358f7f703ca1c72af25ed80f4f10f7c2fe2

Re: https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=women.in.ua&ref_sel=GSP2&ua_sel=ff&fs=1
and
https://urlscan.io/result/52df8e8c-024b-40a4-87c4-6474765f8196#summary

See domain history here: http://zulu.zscaler.com/submission/show/2fefe1bf2323f83f611e5d9d584a5215-1490394623

IP is on Ransomware tracker - Locky related: https://ransomwaretracker.abuse.ch/ip/5.34.183.21/

Sinks and sources detected: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwomen.in.ua

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!