Author Topic: Vulnerable scripts and iFrames on this website?  (Read 980 times)


polonus
Vulnerable scripts and iFrames on this website?
« on: April 01, 2017, 02:38:22 PM »
See these, probably OK, but not with "same origin" protection:
Quote
Any iframes? Yes there are.

<iframe src="//fast.wistia dot net/embed/iframe/h7rbvx9f4q?videoFoam=true" allowtransparency="true" frameborder="0" scrolling="no" class="wistia_embed" name="wistia_embed yp-startpage-video-iframe" allowfullscreen="" mozallowfullscreen="" webkitallowfullscreen="" oallowfullscreen="" msallowfullscreen="" height="440px"></iframe>
<iframe src="htXps://www.googletagmanager.com/ns.html?id=GTM-M9CWR6" height="0" width="0" style="display:none;visibility:hidden"></iframe>
Retirable jQuery libraries 2 detected: http://retire.insecurity.today/#!/scan/51aa6c359ca43eb59c3cf62b404797860ddbad07dd2d38f7c25d6e6cfb5aea5a

A meagre F-status for 11 issues: https://sritest.io/#report/a61fe987-0141-496f-9b45-b3e048fb19eb

F-I-B-F-X status: https://observatory.mozilla.org/analyze.html?host=www.yumpu.com

Three warnings here: https://asafaweb.com/Scan?Url=www.yumpu.com%2Fen

11 sources and 612 sinks detected: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.yumpu.com%2Fen

Re: -https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=www.yumpu.com&ref_sel=GSP2&ua_sel=ff&fs=1
(Do not follow/reconstruct the above link, as the scanner has come under scrutiny by the DMCA for one of the JavaScript algorithms it uses.)

Furthermore see: http://zulu.zscaler.com/submission/show/01255951d8dd76b4bf4d19e21c94c285-1491047864
and https://urlscan.io/result/7a5c8eb3-bc7b-4641-b6c6-d3868f0b0595/#summary

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
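
Added example (not part of polonus's post and not code from any of the linked scanners): a small Python audit for the two page-level findings named above, third-party iframes with no `sandbox` attribute and cross-origin scripts with no Subresource Integrity hash. Reading the post's "same origin" protection as the iframe `sandbox` attribute is an assumption, and the hosts, ids and hashes in `SAMPLE` are constructed placeholders shaped like the embeds quoted in the post.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample markup (hosts and ids are placeholders), shaped like the
# embeds quoted in the post.
SAMPLE = """
<iframe src="//video.example.net/embed/iframe/abc123?videoFoam=true" allowfullscreen=""></iframe>
<iframe src="https://tags.example.com/ns.html?id=GTM-XXXXXX" height="0" width="0"></iframe>
<iframe src="https://player.example.net/v/1" sandbox="allow-scripts"></iframe>
<script src="https://cdn.example.net/jquery.min.js"></script>
<script src="https://cdn.example.net/a.js" integrity="sha384-PLACEHOLDER" crossorigin="anonymous"></script>
<script src="https://cdn.example.net/b.js" integrity="sha384-PLACEHOLDER"></script>
<script src="/js/site.js"></script>
"""


class EmbedAudit(HTMLParser):
    """Collect (finding, url) pairs for third-party iframes and scripts."""

    def __init__(self, page_host):
        super().__init__()
        self.page_host = page_host.lower()
        self.findings = []

    def _third_party(self, url):
        # Protocol-relative URLs ("//host/path") still carry a netloc.
        host = urlparse(url).netloc.lower()
        return bool(host) and host != self.page_host

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        src = a.get("src") or ""
        if not self._third_party(src):
            return
        if tag == "iframe" and "sandbox" not in a:
            self.findings.append(("iframe-no-sandbox", src))
        elif tag == "script" and not a.get("integrity"):
            self.findings.append(("script-no-sri", src))
        elif tag == "script" and "crossorigin" not in a:
            # Without CORS the browser cannot verify the hash and blocks the script.
            self.findings.append(("script-sri-no-crossorigin", src))


def audit(html, page_host):
    parser = EmbedAudit(page_host)
    parser.feed(html)
    parser.close()
    return parser.findings


if __name__ == "__main__":
    for finding, url in audit(SAMPLE, "www.example.org"):
        print(f"{finding:28} {url}")
```

Same-origin resources and relative URLs are skipped on purpose, since the checks only concern content served from another host.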