False positive in Modernizr

  • Resolved chatmandesign

    (@chatmandesign)


    6 years, 10 months ago

    Alert generated at Friday 29th of December 2017 at 06:43:30 PM

    Critical Problems:

    * File contains suspected malware URL: /[path_to_webroot]/httpdocs/wp-content/themes/[custom_site_theme]/node_modules/modernizr/feature-detects/css/backgroundblendmode.js

    https://bennettfeely.com/gradients/

    I’m getting this on a bunch of my sites for a standard Modernizr file that does not appear to have been modified. Since Modernizr is a pretty common dev library, I thought the Wordfence folks should be made aware.

    • This topic was modified 6 years, 10 months ago by chatmandesign.
Viewing 3 replies - 1 through 3 (of 3 total)

  • Hi @chatmandesign,

    Can you please confirm which versions of Wordfence and Modernizr are installed on your site?

    Did the issue start to occur after an update of either plugin?

    Thread Starter chatmandesign

    (@chatmandesign)

    This happened across like half a dozen different sites. Wordfence auto-updates should be enabled on all of them, so you would know if Wordfence updated on the 29th better than I would. I didn’t save a list of all the sites that reported this, but I believe those were most likely on Modernizr 3.5.0, or thereabouts.

    Hi @chatmandesign,

    Is the “HIGH SENSITIVITY” scanning feature enabled on your site?

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘False positive in Modernizr’ is closed to new replies.