Wordfence Alert Problems found on

  • Resolved adrian33000

    (@adrian33000)


    3 years ago

    I today received this notice relating to one of my managed sites.
    Medium Severity Problems:

    * Modified plugin file: wp-content/plugins/wordpress-seo/vendor/autoload.php

    Fortunately, when I checked the plugin I realized your scan related to an out-of-date plugin v18.2 which had been updated to v18.3, the current version. I suspect that this accounts for the modified 7 files as you were scanning the updated plugin but referring to a previous version now out of date.

    I think it might help to ensure your system checks updates before sending these notices because if I had not realized the different version numbers I might have easily edited the files to conform to your recommendations.

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @adrian33000, thanks for getting in touch.

    Let me know if any assumptions are wrong here, but was the scan run before/during automated plugin updates or had the plugin already been updated in good time before the scan was started?

    I ask this as it’s been known for an automatic scan to be scheduled around the same time as plugin updates are performed, so picks up the outdated plugins at the very start but won’t realize plugins have been updated by the time it ends.

    On the free version of Wordfence, a quick scan runs every day, and a full scan runs every 72 hours. The quick scan does check for WPScan vulnerabilities and repository versions, but an updated repository status against your installed plugin list will not refresh until the next full scan is run manually or automatically. This may mean the notice of a modified plugin persists between those scans.

    Thanks,

    Peter.

Viewing 1 replies (of 1 total)
  • The topic ‘Wordfence Alert Problems found on’ is closed to new replies.