Wordfence Errors

  • Resolved fippy

    (@dgilfillan)


    2 years ago

    Wordfence scans shows errors with respect to:

    /wp-content/plugins/leadin/js/dist/elementor.js &
    /wp-content/plugins/leadin/js/src/entries/elementor.js

    both errors are of type:

    file has been modified from the file that is distributed by www.ads-software.com for this version

    Essentially, the latest version that we have updated to (via automatic updates) does not EXACTLY match the version of those files you have registered with the wordpress repo.

    Please advise/amend.

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Support deb

    (@dbhattacharya)

    Hi @dgilfillan ,

    Thanks for writing to us and bringing this to our notice.

    The changes you are seeing locally are same as the ones in WordPress repo.
    The scan is reporting a false vulnerability and comparing with a previous version of the file.
    You can check the latest files on wordpress by visiting this link

    You may ignore the files reported during the scan in Wordfence.

    Let us know if you need any further assistance.

    Best Regards!

    • This reply was modified 2 years ago by Yui.
    • This reply was modified 2 years ago by deb.
    Thread Starter fippy

    (@dgilfillan)

    Will you be contacting WordFence to get this comparison and false vulnerability corrected?

    Plugin Support deb

    (@dbhattacharya)

    Hi @dgilfillan,

    Unfortunately, we do not support third party plugins from our end and will not be reporting this.
    Please feel free to open a support ticket from your end to Wordfence or use the ignore option.
    Sorry for the inconvenience.

    Best Regards!

    Robin

    (@robin-ho)

    I think of any 3rd party plugin to work with, Wordfence should probably be one to make the exception.

    I’m also getting this error.

    Thread Starter fippy

    (@dgilfillan)

    Hi there, please see response from Wordfence:

    This is due to the plugin authors not releasing new versions correctly so you can ignore these scan results.

    They do not add a tag release number for a new version and only use trunk for a new version which is frowned upon by WordPress:

    https://plugins.trac.www.ads-software.com/browser/leadin/#tags

    https://developer.www.ads-software.com/plugins/wordpress-org/how-to-use-subversion/#always-tag-releases

    If they don’t release a tag number then we can’t properly scan version changes.

    Kind regards,

    XXXX
    Customer Support Engineer

    Plugin Support deb

    (@dbhattacharya)

    Hi @dgilfillan

    Thank you so much for following up with Wordfence.
    We will have a look into this.

    Best Regards!

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Wordfence Errors’ is closed to new replies.