• Resolved grl570810

    (@grl570810)


    Recently all sites I host have started reporting WordPress core file modified: wp-includes/version.php. Checking the files using Beyond Compare with that from the relevant WordPress download reports them as binary identical. This is the file content:

    <?php
    /**
     * WordPress Version
     *
     * Contains version information for the current WordPress release.
     *
     * @package WordPress
     * @since 1.2.0
     */
    
    /**
     * The WordPress version string.
     *
     * Holds the current version number for WordPress core. Used to bust caches
     * and to enable development mode for scripts when running from the /src directory.
     *
     * @global string $wp_version
     */
    $wp_version = '5.9.3';
    
    /**
     * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
     *
     * @global int $wp_db_version
     */
    $wp_db_version = 51917;
    
    /**
     * Holds the TinyMCE version.
     *
     * @global string $tinymce_version
     */
    $tinymce_version = '49110-20201110';
    
    /**
     * Holds the required PHP version.
     *
     * @global string $required_php_version
     */
    $required_php_version = '5.6.20';
    
    /**
     * Holds the required MySQL version.
     *
     * @global string $required_mysql_version
     */
    $required_mysql_version = '5.0';
    
    $wp_local_package = 'en_AU';

    As this has recently started appearing I wonder if maybe the scan is mistakenly looking at the new version 6.0 copy of version.php?
    Please investigate and advise.
    Thanks,
    Graham

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @grl570810, thanks for getting in touch about this.

    I’ve not seen the same thing crop up on my installations, but it’s interesting that you’ve seen it on all the sites you manage. We’ve also not had widespread reports of the same thing elsewhere. Are you running alpha/beta/RC versions of WordPress still in development at any point from your development/test to live servers?

    Could you please try running another full scan, then (if you’re seeing the same results) sending over a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

    NOTE: It should look as follows – Screenshot of Tools > Diagnostic > Send by Email

    Thanks,

    Peter.

    Thread Starter grl570810

    (@grl570810)

    Hi Peter,

    Thanks for getting back. All the production sites are running the official WordPress 5.9.3 downloaded from https://en-au.www.ads-software.com/download/. I have a few sites under development that are testing the 6.0 release but if there’s one thing I’ve learnt from over 45 years in the business it’s never put a dot zero release of anything into production!

    I picked a site at random and re-ran the scan. The results were the same and I have emailed over the diagnostic report as requested. I’ll be interested to hear what you come up with.

    Regards,
    Graham

    Plugin Support wfpeter

    (@wfpeter)

    Hi @grl570810, thanks for sending those over.

    I cannot see a reason why the binary identical file is being flagged as the files should be compared to the version you have installed rather than the latest available version.

    There is sometimes a chance that, if a hit was timed just right, the version could be compared while an upgrade was occurring, but as you say, you’re not installing the .0 version in this case either.

    Database caching or some load-balanced configurations could potentially also cause an issue, but aren’t particularly likely. I’d dismiss the notice in this case, and just keep an eye on whether or not it comes back. We haven’t seen this crop up in other installations over the last couple of weeks to have a comparative case and solution.

    Thanks again,

    Peter.
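
An added example, not part of the thread and not Wordfence's scanner code: a stand-alone check that reads the release from version.php itself and compares the file only against reference hashes for that installed version and locale, which is the comparison the reply above describes. The manifest layout, SHA-256 digests, function names and sample bytes are constructed assumptions.

```python
import hashlib
import re

# Constructed sample: a cut-down version.php using the values quoted in the post.
VERSION_PHP = b"<?php\n$wp_version = '5.9.3';\n$wp_db_version = 51917;\n$wp_local_package = 'en_AU';\n"
REL_PATH = "wp-includes/version.php"


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def installed_release(version_php: bytes):
    """Return (version, locale) as declared by the installed version.php."""
    text = version_php.decode("utf-8", "replace")
    ver = re.search(r"^\s*\$wp_version\s*=\s*'([^']+)'", text, re.M)
    if ver is None:
        raise ValueError("no $wp_version assignment found")
    loc = re.search(r"^\s*\$wp_local_package\s*=\s*'([^']+)'", text, re.M)
    # Assumption: a file without $wp_local_package is the en_US package.
    return ver.group(1), (loc.group(1) if loc else "en_US")


def check_core_file(rel_path, content, release, manifests):
    """Return 'ok', 'modified' or 'no-reference' for one core file.

    manifests maps (version, locale) -> {relative path: sha256 hex digest}.
    """
    reference = manifests.get(release)
    if reference is None or rel_path not in reference:
        return "no-reference"  # never fall back to another release's hashes
    return "ok" if reference[rel_path] == sha256(content) else "modified"


# Constructed manifests: one for the installed release, one for the newer 6.0.
MANIFESTS = {
    ("5.9.3", "en_AU"): {REL_PATH: sha256(VERSION_PHP)},
    ("6.0", "en_AU"): {REL_PATH: sha256(VERSION_PHP.replace(b"5.9.3", b"6.0"))},
}

if __name__ == "__main__":
    release = installed_release(VERSION_PHP)
    print(release, check_core_file(REL_PATH, VERSION_PHP, release, MANIFESTS))
    # Same unmodified file, wrong reference: reported as modified.
    print(check_core_file(REL_PATH, VERSION_PHP, ("6.0", "en_AU"), MANIFESTS))
```

Returning "no-reference" instead of falling back to another release's hashes keeps a missing manifest from being reported as a modified file.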

  • The topic ‘False positive on wp-includes/version.php’ is closed to new replies.