Wordfence reporting critical issue wioth Rank Math

  • Resolved Simon Carne

    (@scarne)


    7 months, 3 weeks ago

    Wordfence is reporting a critical error in the latest version of RankMath (v1.0.216). It reports “that “suspected malware URL: wp-content/plugins/seo-by-rank-math/includes/updates/update-1.0.42.php
    Bad URL: https://ischeck.xyz/”.

    Any comments from the Support Team?

Viewing 3 replies - 1 through 3 (of 3 total)

  • I just posted this too. Hopefully there is an answer soon. I took a fresh download of the plugin and checked out the file in question. It appears that the file is searching for any existing redirections to that URL in the rank_math_redirections table and removing them if it finds them.

    This concerns me because it almost seems like the team is stealthily trying to cover up a previous security breach (that’s pure conjecture and I have no way of knowing if that’s truly the case).

    @cgscomputers you are right. I received similar notification from wordfence, i looked up the url and came across this article from 2020

    Further search suggest they are trying to cover up this recent vulnerability reported by patchstack in February

    Plugin Support Rank Math Support

    (@rankmathsupport)

    Hello,

    Thank you for your query and we are so sorry about the trouble this must have caused.

    WordFence appears to be scrutinizing the modified files from the update and triggering the Bad URL error, which is actually a false alarm. The file named includes/updates/update-1.0.42.php serves as the update routine file for version 1.0.42, containing the necessary code to eliminate the erroneous redirection rule.

    In the previous update, our focus was solely on addressing the WPCS issue within this file.

    You can safely ignore that error.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Wordfence reporting critical issue wioth Rank Math’ is closed to new replies.