Vulnerable CMS and website being a PHISH!

[polonus]

Re: https://urlquery.net/report/3cabf3dd-7be4-418b-87d2-6ded877dbd59
PHISHING detected on -/wp-includes/Text/ble/indexa.php HTTP/1.1

CMS insecurity: Outdated: WordPress Version 4.7
Version does not appear to be latest 4.8.2 - update now.

WordPress Plugins
The following plugins were detected by reading the HTML source of the WordPress sites front page.

revslider   
js_composer   
contact-form-7 4.6   latest release (4.9) Update required
https://contactform7.com/
LayerSlider   
Plugins are a source of many security vulnerabilities within WordPress installations, always keep them updated to the latest version available and check the developers plugin page for information about security related updates and fixes.

Retirable jQuery: http://retire.insecurity.today/#!/scan/7e0c459e338f73dcdd2853675a14e9eea158b5aaeece23693c6b263a0b1d5dbb

Vulnerability errors

  found JavaScript
     error: undefined function b.attachEvent
     error: undefined variable b
     info: [element] URL=jugueterapia.com/wp-content/plugins/contact-form-7/includes/js/undefined

suspicious: maxruntime exceeded 10 seconds...
error

(script) jugueterapia.com/wp-content/themes/betheme/js/menu.js?ver=14.1
         info: [decodingLevel=0] found JavaScript
     error: undefined variable jQuery
     error: undefined variable $.fn
     error: line:1: SyntaxError: missing ; before statement:
          error: line:1: var $.fn = 1;
          error: line:1: ....^

errors

(script) jugueterapia.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4
          info: [decodingLevel=0] found JavaScript
     error: undefined variable jQuery
     error: undefined variable a.ui
     error: line:1: SyntaxError: missing ; before statement:
          error: line:1: var a.ui = 1;
          error: line:1: ....^ 

Warning User Enumeration is possible

The first two user ID's were tested to determine if user enumeration is possible.

ID   User   Login
1   None   dropalia
2   None   None
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. However it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

All scripts from see: http://toolbar.netcraft.com/site_report?url=http://ns3029648.ip-149-202-91.eu

F-status and site defaulting over http, while https available: https://observatory.mozilla.org/analyze.html?host=jugueterapia.com

5 problems flagged here: https://mxtoolbox.com/domain/jugueterapia.com/

Re: http://www.domxssscanner.com/scan?url=https%3A%2F%2Fjugueterapia.com

Detected or rather not detected: 2 third party embeds used; not using HSTS to prevent insecure requests; no public key pins set to prevent attackers from using invalid certificates; mixed content found; vulnerable to sweet32 and lucky13 attacks; no CSP header set;
no XFO header set, no XSS Protection header set; no X-Content-Type Options header set; no privacy-friendly Referrer Policy header set.

All reported via cold reconnaissance scanning and analyzing by,

polonus (volunteer website security analyst and website error-hunter)

[polonus]

DNS Fails for nameservers:

Nameservers match (parent):   Some nameservers returned by the parent nameserver are not returned by your nameservers. The following differences were found:
 
sdns2.ovh.net
ns3029648.ip-149-202-91.eu
Fail

Some of your nameservers did not respond. The following did not respond:
 
sdns2.ovh.net

Your nameservers returned different nameserver records.
 
Got 0 records at sdns2.ovh.net.. Got 2 records at ns3029648.ip-149-202-91.eu. Fail

Some of your nameservers did not respond authoritatively for your domain. The following nameservers did not respond authoritatively:
 
sdns2.ovh.net Warning
Number of SOA records:   Each of your nameservers should return exactly one SOA record. This was not the case. The following problems were found:
 
sdns2.ovh.net (0 SOA records) Fail

SOA Serial Match:   Your nameservers returned different SOA serial numbers. This probably means that they are not synchronised properly.   Fail
SOA Master Nameserver Match:   Your nameservers returned different SOA master nameservers.   Fail
SOA Admin Email Match:   Your nameservers returned different SOA admin email addresses.   Fail
SOA Refresh Match:   Your nameservers returned different SOA refresh values.   Fail
SOA Retry Match:   Your nameservers returned different SOA retry values.   Fail
SOA Expire Match:   Your nameservers returned different SOA expire values.   Fail
SOA Minimum TTL Match:   Your nameservers returned different SOA minimum TTL value.   Fail

MX records have A records:   Some of your MX servers do not have A records. I found problems with the following:
 jugueterapia.com  Fail

WWW record:   Your domain does not have a WWW record. This means that people will not be able to find your web site at -
 -http://www.jugueterapia.com. Skipping further WWW tests.   Fail

Quotes from DNSsy online DNS Test for jugueterapia.com/

From MX Toolbox
     Category           Host                           Result   
   dmarc   jugueterapia.com   DNS Record not found   
   dns           jugueterapia.com   At least one name server failed to respond in a timely manner    
   smtp           jugueterapia.com   Reverse DNS does not match SMTP Banner    
   smtp     jugueterapia.com   Warning - Does not support TLS.    
   smtp    jugueterapia.com   15.323 seconds - Not good! on Transaction Time    

polonus