Wordfence flagging files in 3.5.8

  • Resolved WorkinWP

    (@iguanamom)


    3 years, 2 months ago

    Hi,

    updated to the newest NF version today and later in the day got notified by Wordfence that 6 files were different from the one on www.ads-software.com. I’ve seen this before with other plugins but wanted to make sure it was legit. I won’t update any others until I know from you guys first. It was a long string of characters that were different. Thanks.

    Filename: wp-content/plugins/ninja-forms/vendor/composer/installed.php
    File Type: Plugin
    Details: This file belongs to plugin “Ninja Forms” version “3.5.8” and has been modified from the file that is distributed by www.ads-software.com for this version.

    All of the files flagged were:

    * Modified plugin file: wp-content/plugins/ninja-forms/build/sub-table-block.asset.php

* Modified plugin file: wp-content/plugins/ninja-forms/build/sub-table-block.js

* Modified plugin file: wp-content/plugins/ninja-forms/vendor/autoload.php

* Modified plugin file: wp-content/plugins/ninja-forms/vendor/composer/autoload_real.php

* Modified plugin file: wp-content/plugins/ninja-forms/vendor/composer/autoload_static.php

* Modified plugin file: wp-content/plugins/ninja-forms/vendor/composer/installed.php
Viewing 6 replies - 1 through 6 (of 6 total)

  • I’ve got the same Wordfence warnings on 6 sites. I tried to repair the files on my staging site, but that crashed the site. So don’t try it.

    This happens a lot on Wordfence with plugin updates recently. Best to ignore the warnings and wait for a Ninja plugin update.

    Thread Starter WorkinWP

    (@iguanamom)

    (@bobsled) thanks for letting me know!

    Hi guys,

    Sorry to jump in here, but just to check – is it safe to update Ninja Forms then?

    Yes, I believe it’s safe. All my sites are running fine.

    Wordfence describes the issue like this:

    “Note that some developers do not follow the official guidelines that WordPress provides for plugin developers, and will modify a “tag” or a version of their plugin that has already been released by adding new code to an existing release – for example, fixing a small bug or correcting a minor typo.”

    This happens a lot. It even happened to the last WordPress core update.

    So when you get Wordfence warnings for modified plugin files shortly after a recent plugin update, it’s usually not a concern and you can safely ignore them.

    @bobsled Okay, awesome – Thank you so much!

    Plugin Contributor Justin McElhaney

    (@jmcelhaney)

    @iguanamom @bobsled @whereverpanda You should not have received any errors when updating the Ninja Forms plugin.
    Can you try manually installing the Ninja Forms update from www.ads-software.com and see if you still are seeing these errors?
    If you continue to have issues, can you contact our official support. https://ninjaforms.com/contact/

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Wordfence flagging files in 3.5.8’ is closed to new replies.