Hi eru,
We are volunteers here on the forum. Indeed my outdated plugins remark is not from Avast. Wait for their final verdict whether the site is malicious, suspicious or a potentially unwanted (spam, scam, phishing).
The main problem with WordPress CMS is indeed outdated plugins. The main content management software is well maintained and managed. Plugins are the main cause of abuse or at least could be, so update as soon as new versions become available.
polonus (volunteer 3rd party cold reconnaissance website security analyst and website error hunter)