Avast detects HTML:HideMe-F [Trj] here:
https://www.virustotal.com/nl/url/e914c730feb137e9ef96ea0d9f0c5b3e682ce7b0c98e23fdbdd035a3362afa4e/analysis/1442417906/see:
https://www.virustotal.com/nl/file/435bb746aa3fa9425f8bc5d5a69c2be535bed6ad8c04ad2ee7bf631a7bb7aab5/analysis/1442238139/To be detected:
Up(nil): unknown_html_RFI_php ARIN US abuse at godaddy.com 97.74.182.1 to 97.74.182.1 africanbits.com -http://africanbits.com/tag/nelson-mandela/feed/
Up(nil): unknown_html_RFI_php ARIN US abuse at godaddy.com 97.74.182.1 to 97.74.182.1 africanbits.com -http://africanbits.com/tag/dr-aklilu/feed/
Up(nil): unknown_html_RFI_php ARIN US abuse at godaddy.com 97.74.182.1 to 97.74.182.1 africanbits.com -http://africanbits.com/tag/botlhale-boikanyo/feed/
Up(nil): unknown_html ARIN US abuse at godaddy.com 97.74.182.1 to 97.74.182.1 africanbits.com -http://africanbits.com/tag/botlhale-boikanyo/
Up(nil): unknown_html_RFI_php ARIN US abuse at godaddy.com 97.74.182.1 to 97.74.182.1 africanbits.com -http://africanbits.com/tag/aparteid/feed/
Up(nil): unknown_html ARIN US abuse at godaddy.com 97.74.182.1 to 97.74.182.1 africanbits.com -http://africanbits.com/tag/aparteid/
Up(nil): unknown_html_RFI_php ARIN US abuse at godaddy.com 97.74.182.1 to 97.74.182.1 africanbits.com -http://africanbits.com/tag/africa-2/feed/
Up(nil): unknown_html_RFI_php ARIN US abuse at godaddy.com 97.74.182.1 to 97.74.182.1 africanbits.com -http://africanbits.com/sarahobama/feed/
Up(nil): unknown_html_RFI_shell ARIN US abuse at godaddy.com 97.74.182.1 to 97.74.182.1 africanbits.com -http://africanbits.com/?p=487
Up(nil): unknown_html_RFI_shell ARIN US abuse at godaddy.com 97.74.182.1 to 97.74.182.1 africanbits.com -http://africanbits.com/?p=388
Down: NA ARIN US abuse at godaddy.com 97.74.182.1 to 97.74.182.1 africanbits.com -http://africanbits.com/?p=285
Up(nil): unknown_html_RFI_php ARIN US abuse at godaddy.com 97.74.182.1 to 97.74.182.1 africanbits.com -http://africanbits.com/obama/feed/
Up(nil): PE:Backdoor.Win32.Gbod.b!1616603[F1] ARIN US abuse at godaddy.com 97.74.182.1 to 97.74.182.1 africanbits.com -http://africanbits.com/author/africanbits/feed *
Up(nil): unknown_html_RFI_php ARIN US abuse at godaddy.com 97.74.182.1 to 97.74.182.1 africanbits.com -http://africanbits.com/an-african-chief/feed/
Up(nil): unknown_html_RFI_shell ARIN US abuse at godaddy.com 97.74.182.1 to 97.74.182.1 africanbits.com -http://africanbits.com/180/
Sucuri detects: SSUE DETECTED DEFINITION INFECTED URL
SEO Spam MW:SPAM:SEO?r -http://africanbits.com ( View Payload )
SEO Spam MW:SPAM:SEO?r -http://africanbits.com/404testpage4525d2fdc ( View Payload )
SEO Spam MW:SPAM:SEO?r -http://africanbits.com/404javascript.js ( View Payload )
SEO Spam MW:SPAM:SEO?r -http://africanbits.com/new-page/ ( View Payload )
SEO Spam MW:SPAM:SEO?r -http://africanbits.com/staff/ ( View Payload )
SEO Spam MW:SPAM:SEO?r -http://africanbits.com/featured-story/ ( View Payload )
Known Spam detected. Details:
http://sucuri.net/malware/entry/MW:SPAM:SEO?r<div id='HiddenDiv'> Small wonder the provider opined the Daily XXXX Pill <a href="-http://el-au.org/" title="" title="pharmacy and smut spam <style>.hvx6{position:absolute;clip:rect(482px,auto,auto,452px);}</style> </div><script type='text/javascript'>if(document.getElementById('HiddenDiv') != null){document.getElementById('HiddenDiv').style.visibility = 'hidden';document.getElementById('HiddenDiv').style.display = 'none';}</script>
*Known javascript malware. Details:
http://sucuri.net/malware/entry/MW:SPAM:SEO?g12t='';}}x[l-a]=z;}document.write('<'+x[0]+' '+x[4]+'>.'+x[2]+'{'+x[1]+'}</'+x[0]+'>');}xViewState();
Web application version:
WordPress version: WordPress 3.4.2
Wordpress version from source: 3.4.2
Wordpress Version 3.3 or 3.4 based on: -http://africanbits.com/wp-includes/js/autosave.js
WordPress theme: -http://africanbits.com/wp-content/themes/Website-Video-Plus/
Wordpress internal path:- /home/content/46/9852946/html/wp-content/themes/Website-Video-Plus/index.php
WordPress version outdated: Upgrade required.
Outdated WordPress Found: WordPress Under 4.2 :
WordPress Version
3.4.2
Version does not appear to be latest 4.3 - update now.
Warning: WordPress Plugins
The following plugins were detected by reading the HTML source of the WordPress sites front page.
jetpack 1.7 latest release (3.7) Update required
http://jetpack.meWordPress Theme
The theme has been found by examining the path /wp-content/themes/ *theme name* /
VideoPlus 1.0.7http://www.theme-junkie.com
Warning User Enumeration is possible
The first two user ID's were tested to determine if user enumeration is possible.
ID User Login
1 africanbits africanbits
2 None
See:
http://www.domxssscanner.com/scan?url=http%3A%2F%2Fafricanbits.compolonus