Topic: Website given as safe, but full of insecurity and so vulnerable...


polonus
Where it was given as basically safe: https://issafe.co/bokshaber.net
Looking more scrupulously, when we perform a WordPress security scan,
we find the js_composer plug-in (is it still being supported?).

We have a warning: user enumeration is possible.
The first two user IDs were tested to determine if user enumeration is possible.

ID   User   Login
1   None   bokshaber
2   None   burak

Retirable jQuery: http://retire.insecurity.today/#!/scan/0d935df22701e03bc3709be2154b4ab35dd4372a9521c978228c537e47165bbb

Three warnings via an asafaweb scan: https://asafaweb.com/Scan?Url=bokshaber.net

F-F-X-status: https://observatory.mozilla.org/analyze.html?host=bokshaber.net

Insecure IDs tracking: This website is insecure.
87% of the trackers on this site could be protecting you from NSA snooping. Tell bokshaber.net to fix it.

Identifiers | All Trackers
 Insecure Identifiers
Unique IDs about your web browsing habits have been insecurely sent to third parties.

 -Google id
 -www.google.com nid
 -www.bokshaber.net phpsessid
 -bokshaber.net phpsessid 4fg51oXXXXX19vm2gqtle167v6

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
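For site owners who want to verify the two findings above on their own WordPress install, here is an added self-check (example code, not from the post or from any scanner named in it): it inspects a captured `/?author=N` redirect for a leaked login slug and a captured `Set-Cookie` header for a PHPSESSID without Secure/HttpOnly/SameSite. All responses in it are constructed samples, not the real site's data.

```python
"""Offline self-check for two WordPress findings: author-ID user enumeration
and a session cookie set without protective attributes. Works on captured
response data, so nothing here talks to a network. Sample data is constructed."""
import re
from http.cookies import SimpleCookie
from typing import Optional


def author_redirect_leaks_username(status: int, headers: dict) -> Optional[str]:
    """WordPress answers /?author=N with a redirect to /author/<user_nicename>/.
    Return the slug exposed in the Location header, or None if nothing leaks."""
    if status not in (301, 302, 307, 308):
        return None
    match = re.search(r"/author/([^/?#]+)/?", headers.get("Location", ""))
    return match.group(1) if match else None


def session_cookie_issues(set_cookie: str, over_https: bool) -> list:
    """Flag a session cookie missing the attributes that keep it off the wire
    in clear text (Secure), away from page scripts (HttpOnly) or off
    cross-site requests (SameSite), plus any cookie issued over plain HTTP."""
    jar = SimpleCookie()
    jar.load(set_cookie)           # absent flags come back as "" on the Morsel
    issues = []
    for name, morsel in jar.items():
        if not morsel["secure"]:
            issues.append(f"{name}: missing Secure")
        if not morsel["httponly"]:
            issues.append(f"{name}: missing HttpOnly")
        if not morsel["samesite"]:
            issues.append(f"{name}: missing SameSite")
        if not over_https:
            issues.append(f"{name}: set over plain HTTP")
    return issues


def assess(author_status: int, author_headers: dict, set_cookie: str, over_https: bool) -> list:
    """Combine both checks into one list of findings for a site you administer."""
    findings = []
    slug = author_redirect_leaks_username(author_status, author_headers)
    if slug:
        findings.append(f"user enumeration: /?author=N redirect reveals login slug '{slug}'")
    findings.extend(session_cookie_issues(set_cookie, over_https))
    return findings


if __name__ == "__main__":
    # Constructed responses resembling the post's findings (hostname is a placeholder).
    for line in assess(301, {"Location": "http://example.invalid/author/burak/"},
                       "PHPSESSID=constructedvalue0123; Path=/", over_https=False):
        print(line)
```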