But there is also spamming going on from this script link there: Results from scanning URL: -
https://ws.areyouahuman.com/ws/script/9c23d8d067c270d618274dd8efa605efe4ce7a09Number of sources found: 98
Number of sinks found: 60
landing at: Results from scanning URL: -http://www.hyperfxsupplements.com/wp-content/themes/catalyst/lib/js/catalyst-responsive.js?ver=1.5.4
Number of sources found: 0
Number of sinks found: 3
and
Results from scanning URL: -http://www.hyperfxsupplements.com/wp-content/themes/catalyst/lib/js/catalyst-responsive.js?ver=1.5.4
Number of sources found: 2
Number of sinks found: 2
and
Results from scanning URL: -http://www.hyperfxsupplements.com/wp-content/themes/catalyst/lib/js/catalyst-responsive.js?ver=1.5.4
Number of sources found: 2
Number of sinks found: 2
and
Results from scanning URL: -http://www.hyperfxsupplements.com/wp-content/themes/catalyst/lib/js/catalyst-responsive.js?ver=1.5.4
Number of sources found: 0
Number of sinks found: 0
WordPress issues:
WordPress Version
4.2.5
Version does not appear to be latest 4.3.1 - update now.
The following plugins were detected by reading the HTML source of the WordPress sites front page.
wp-super-cache latest release (1.4.5)
http://wordpress.org/plugins/wp-super-cache/wordpress-seo latest release (2.3.5)
https://yoast.com/wordpress/plugins/seo/Warning User Enumeration is possible
The first two user ID's were tested to determine if user enumeration is possible.
ID User Login
1 Shawn829 shawn829
2 None
Warning Directory Indexing Enabled
In the test we attempted to list the directory contents of the uploads and plugins folders to determine if Directory Indexing is enabled. This is an information leakage vulnerability that can reveal sensitive information regarding your site configuration or content.
/wp-content/uploads/ enabled
/wp-content/plugins/ disabled
Re:
http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.hyperfxsupplements.com%2Fwp-content%2Fthemes%2Fcatalyst%2Flib%2Fjs%2Fnavbars%2Fsuperfish.js%3Fver%3D1.5.4polonus
