Unknown file false positives after upgrade to WP 6.7

  • Resolved perfectweb

    (@perfectweb)


    1 week, 5 days ago

    After upgrading to WordPress 6.7, WordFence (8.0.0) is reporting 2500+ unknown files in WordPress core. This is happening on multiple sites on multiple hosting platforms. I have checked the WordPress github 6.7 repository, and all the files I spot checked are in their proper places. I have compared many of the repository files with files on my servers and they are unchanged. Here are some examples from the list:

    wp-includes/sitemaps/class-wp-sitemaps.php
    wp-includes/sodium_compat/autoload.php
    wp-includes/sodium_compat/* (many files in directory and subdirectories flagged)
    wp-includes/style-engine/class-wp-style-engine.php
    wp-includes/taxonomy.php
    wp-includes/theme-i18n.json
    wp-includes/theme.php
    wp-includes/update.php
    wp-includes/user.php

    Why am I getting all these false positives?

Viewing 15 replies - 1 through 15 (of 21 total)

  • The same thing happens to me with several websites.

    Same issue. I checked with WP CLI the checksums, and it came out fine, and I also downloaded WordPress manually and checked randomly some of the files that were pointed out by Wordfence and they were on the original install. Any help?

    Same problem on my sites, I specify that I update WordPress manually.

    SAT

    (@stronganchortech)

    Looks like we have the same problem on one of our sites.

    Same for me on one of my sites at least. 2500 + unknown files. Ignore?

    abdullahbinhasan

    (@abdullahbinhasan)

    Same here

    Same issues. Updated to 6.7 yesterday and a few hours later received a long list of “unknown file in wordpress core” error messages from WordFence scan.

    Hi.
    It’s the same on my websites. I haven’t found the reason yet.
    Cheers.

    I have the same problem on my website and the website of my non-profit organization

    • This reply was modified 1 week, 5 days ago by valentinb.
    • This reply was modified 1 week, 5 days ago by valentinb.

    I’m having this issue too, after an automatic update to 6.7. I reinstalled WordPress and re-scanned, but the issue remained. Checking some of the flagged files, they seem to be valid WordPress core.

    Same issue on one site I manage, but not others. They are definitely WordPress core files in my case so it’s almost certainly a false positive.

    Jason Ryan

    (@viablethought)

    Same issue here, its definitely a false positive and WordPress is saying its due to Wordfence not having the most recent list of files – which if this is the case, why Wordfence?? Beta has been out for a bit now – this is creating such a mess for those of us who host and maintain over 200 client websites.

    Jason Ryan

    (@viablethought)

    Hello all –

    Ok, so I have found that if you are using the Free version of Wordfence, the “Rules” are only updated every 30 days – which means that this is completely out of sync with the release of WP 6.7.

    If you go to Wordfence -> All Options -> Advanced Firewall Options -> Manually Refresh Rules and then run a new Scan, this resolves the issue (tested one site thus far and seemed to do the trick).

    Wordfence changed this a bit ago where the rules are only updated once every 30 days – not sure this was a great idea on Wordfence’s part.

    • This reply was modified 1 week, 5 days ago by Jason Ryan.

    Thanks @viablethought This fixes the issue for me. Kudos!

    Yaeh! Thanks @viablethought ! It does the job ??

Viewing 15 replies - 1 through 15 (of 21 total)
  • You must be logged in to reply to this topic.