Site cleansed but still vulnerable...

[polonus]

Infested 1 month ago: https://www.virustotal.com/en/url/4d359138014f97e05750c6f8694a24f78e5db7cb843bd1e4fa543e0ce8ab4b5e/analysis/
Site still vulnerable because outdated CMS:
Web application version:
WordPress version: WordPress 3.1.1
Wordpress Version 3.1.x based on: htxp://jaslobike.pl/wp-includes/js/autosave.js
WordPress theme: htxp://jaslobike.pl/wp-content/themes/twentyten/
Wordpress internal path: /home/jaslobike/domains/jaslobike.pl/public_html/wp-content/themes/twentyten/index.php
WordPress version outdated: Upgrade required.
Outdated WordPress Found: WordPress Under 4.0

Site cleansed: http://killmalware.com/jaslobike.pl/#  & http://quttera.com/detailed_report/jaslobike.pl

See tracker tracker report attached for script links from that website.
Do not open links in a browser, results given for research purposes only - no tracking established.
But Google Analytics Tracker and Facebook Tracker are there. See: http://fetch.scritch.org/%2Bfetch/?url=http%3A%2F%2Fjaslobike.pl%2F&useragent=Fetch+useragent&accept_encoding=

polonus

[!Donovan]

Hi Polonus,

The amount of outdated software featured on the site is shocking, really. Serving static HTML files would be OK, but using WordPress (which uses PHP and SQL) is a no-no because it is possible to have access to a whole portion of the server-side.

Newer versions of WordPress automatically update, but it doesn't help the abandoned websites or less savvy users that run an older version of the software.

~!Donovan