Even big websites have WordPress as CMS: htxps://thecsrjournal.in/wp-content/
and sometimes outdated software running.
Blacklisted external link: htXps://syndication.twitter.com/settings
The domain is blacklisted: -syndication.twitter.com from CryptoScamDB
(checked using Open Websniffer extension by Разработка и поддержка5MS 5MS dot ru).
https://syndication.twitter.com/i/jot? - widget ->
%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1582656898837%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D ....
WordPress version: 5.2.5
Reputation Check
PASSED
Google Safe Browse:OK
Spamhaus Check:OK
Abuse CC:OK
Dshield Blocklist:OK
Cisco Talos Blacklist:OK
Web Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: PHP/7.2.20-2+ubuntu16.04.1+deb.sury.org+1 (excessive server version info proliferation)
IP Address: 210.89.48.48
Hosting Provider: Broadband Pacenet Pvt. Ltd
Shared Hosting: 2 sites found on 210.89.48.48 (see vulnerabilities: https://www.shodan.io/host/210.89.48.48 )
Consider:
https://urlscan.io/result/7604e69d-fb8b-44a2-9736-53b4e386aecc
Outdated content: Apache under 2.4.41
http://httpd.apache.org/security/vulnerabilities_24.html
Outdated PHP: PHP under 7.2.25 ->
http://php.net/ChangeLog-7.php#7.2.25
Vuln.:
https://webcookies.org/cookies/thecsrjournal.in/29134540?114990 E-grade results.
Retirable jQuery libraries: Retire.js
jquery-mobile 1.3.2 Found in -https://thecsrjournal.in/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.3.2
Vulnerability info:
Medium open redirect leads to cross site scripting
jquery 1.12.4 Found in -https://thecsrjournal.in/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Vulnerability info:
Medium 2432 3rd party CORS request may execute CVE-2015-9251
Medium CVE-2015-9251 11974 parseHTML() executes scripts in event handlers
Low CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution
JavaScript syntax errors: SyntaxError: Invalid or unexpected token
/wp-content/plugins/news-ticker-tj/js/custom.js?ver=6.0.2:2
TypeError: Cannot read property 'querySelector' of null
/ etc.
polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)