Changes in files detected by WordFence plugin

  • Resolved David Hunter – LAS

    (@david-hunter-las)


    11 years, 7 months ago

    Hi there,

    I use the User Role Editor plugin alongside the WordFence plugin (which automatically scans every file in a WordPress installation for any changes on a daily basis, and alerts the admin to the changes – this is useful for detecting any security issues).

    I currently use v3.12 of the URE plugin, and that was last updated on 2nd May. However, earlier today (6th May) two files were detected as being changed:

    wp-content/plugins/user-role-editor/readme.txt
    wp-content/plugins/user-role-editor/includes/ure-options.php

    As WordFence scans the files every day, if these changes were made by updating the plugin (back on the 2nd May), then these changes would have been detected on the 3rd of May, not as late as the 6th.

    I was under the impression that plugins could not be changed unless either the administrator had updated the plugin (or made some other change by directly coding and re-uploading the replacement file), or there had been some sort of security breach.

    I have uploaded a screenshot showing what changes were made in ure-options.php. It can be viewed here.

    I certainly haven’t changed anything, so I am inclined to believe there has been a security breach. Can you please confirm whether or not it is possible for the plugin to update itself as appears to have happened here? Can you confirm if the changes in the code (in the linked screenshot) are legitimate?

    Thanks in advance for your advice.
    David

    https://www.ads-software.com/extend/plugins/user-role-editor/

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author Vladimir Garagulya

    (@shinephp)

    Hi David,

    I confirm that these last minute changes are legitimate and made by me as plugin author and the only code commiter.
    As these changes do not change any plugin functionality I don’t increase plugin version in order to not force plugin user’s to reinstall it again.
    I will try to minimize such changes in a future.

    Regards,
    Vladimir.

    Thread Starter David Hunter – LAS

    (@david-hunter-las)

    Hi Vladimir,

    Thanks for the information. I was unaware it was possible for plugin authors to change the code of installed plugins. Learn something new every day. ??

    No need to change your way of fixing things; it’s just interesting to know that it’s possible. (I’m relatively new to WordPress so am still learning how everything works).

    Thanks for confirming that the changes were legitimate and that I have nothing to worry about.

    All the best,
    David

    Plugin Author Vladimir Garagulya

    (@shinephp)

    No, I can not change code of installed plugin. I change code at WordPress plugins repository. Wordfence compares your local code with standard one at repository. That’s why you see the changes. Wordfence shows your local version as modified incorrectly. It suppose that if both files have the same version that modification took place for local version, not for repository’s one. It’s wrong it this case.

    Thread Starter David Hunter – LAS

    (@david-hunter-las)

    Ahhh, I see. Feel free to disregard me, then. ??

    Thanks!

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Changes in files detected by WordFence plugin’ is closed to new replies.