• Resolved anchoredmeditation

    (@shorelarkbythesea)


    I use WordFence for security on my site. A routine scan flagged this plug-in as a Medium level security issue, and I’d like to know what it means exactly, and if it’s any cause for concern, and best way to fix it (delete it and download it again?). Have deactivated the plugin in the meantime:

    • Filename: /home/customer/www/mywebsite/public_html/wp-content/plugins/classic-editor/classic-editor.php
    • File Type: Plugin
    • Details: This file belongs to plugin “Classic Editor” version “1.6.2” and has been modified from the file that is distributed by ww.wp.xz.cn for this version. Please use the link to see how the file has changed. If you have modified this file yourself, you can safely ignore this warning. If you see a lot of changed files in a plugin that have been made by the author, then try uninstalling and reinstalling the plugin to force an upgrade. Doing this is a workaround for plugin authors who don’t manage their code correctly. 

      Thank you.
Viewing 5 replies - 1 through 5 (of 5 total)
  • It would be a good idea to get a second opinion from the Wordfence team itself, since this warning is coming from their plugin but it sounds like the file was somehow modified.

    This might be a false positive but it could mean that your site has been compromised somehow and the attacker has modified the Classic Editor plugin.

    I would recommend reinstalling the plugin but you will also want to review all other plugins and files as the vector of the attack is likely coming from some other place. You can also restore a backup from your site, as old as possible (assuming you do not have any changes or you do not mind losing those changes) and update all your plugins right after you restore the backup.

    I uninstalled the classic editor, but even after reinstalling it, it still shows up in Wordfence after a new scan.

    The results:

    The Original Version of the file: * Tested up to: 6.1
    The Modified Version on your WordPress system: * Tested up to: 5.8

    When you look at the plugins page, what version of the Classic Editor do you see @techwpdrift?

    @mrfoxtalbot version 1.6.2

    Moderator Kathryn Presner

    (@zoonini)

    This is a false positive; one of the plugin’s developers has previously explained that this warning can safely be ignored.

    You’re also welcome to let WordFence know about the issue so they can potentially stop flagging this on their customers’ end. Cheers!

The topic ‘Wordfence Finding Medium Security Issue’ is closed to new replies.
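
The diff quoted in the thread differs only in the "Tested up to" header line. As an added example (not from the thread, Wordfence or the plugin), this Python script compares a distributed file with the installed copy and reports whether every change is confined to header fields in the first block comment; the file contents and function names are constructed for illustration.

```python
import difflib
import re

# Header fields look like " * Tested up to: 6.1" in the file's first block comment.
HEADER_FIELD = re.compile(r"^\s*\*?\s*([A-Za-z][A-Za-z ]*?):\s*(.+)$")

# Constructed stand-in for the distributed file (not the real plugin source).
REFERENCE = """<?php
/**
 * Plugin Name: Classic Editor
 * Version: 1.6.2
 * Tested up to: 6.1
 */
function example_init() {}
"""
# Constructed installed copies: one differs only in a header field, one also in code.
INSTALLED_HEADER = REFERENCE.replace("Tested up to: 6.1", "Tested up to: 5.8")
INSTALLED_CODE = INSTALLED_HEADER + "function example_added() {}\n"

def header_end(lines):
    """Index of the line that closes the first block comment, or -1 if none."""
    return next((i for i, line in enumerate(lines) if "*/" in line), -1)

def classify_diff(reference, installed):
    """Return (verdict, changes); verdict is 'identical',
    'header-metadata-only' or 'code-changed'."""
    ref, cur = reference.splitlines(), installed.splitlines()
    ref_end, cur_end = header_end(ref), header_end(cur)
    changes, verdict = [], "identical"
    matcher = difflib.SequenceMatcher(None, ref, cur, autojunk=False)
    for tag, r1, r2, c1, c2 in matcher.get_opcodes():
        if tag == "equal":
            continue
        removed, added = ref[r1:r2], cur[c1:c2]
        changes.append((removed, added))
        # Every touched line must sit before the line that closes the comment.
        in_header = r2 - 1 < ref_end and c2 - 1 < cur_end
        fields_only = all(HEADER_FIELD.match(l) for l in removed + added)
        if in_header and fields_only and verdict != "code-changed":
            verdict = "header-metadata-only"
        else:
            verdict = "code-changed"
    return verdict, changes

if __name__ == "__main__":
    for name, text in (("header", INSTALLED_HEADER), ("code", INSTALLED_CODE)):
        print(name, classify_diff(REFERENCE, text))
```

A `code-changed` verdict is the case that calls for the wider review of other plugins and files recommended earlier in the thread.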