Wordfence Warning? File Changes

  • junkofdavid2

    (@junkofdavid2)


    5 years, 7 months ago

    Hi!

    Wordfence is flagging this plugin for “modified plugin file.”

    Is this normal?

    * Modified plugin file: wp-content/plugins/tinymce-advanced/mce/wptadv/plugin.js

    * Modified plugin file: wp-content/plugins/tinymce-advanced/mce/wptadv/plugin.min.js

    * Modified plugin file: wp-content/plugins/tinymce-advanced/plugin-assets/tadv.css

    * Modified plugin file: wp-content/plugins/tinymce-advanced/plugin-assets/tadv.js

    * Modified plugin file: wp-content/plugins/tinymce-advanced/tadv_admin.php

    * Modified plugin file: wp-content/plugins/tinymce-advanced/tinymce-advanced.php

    * Modified plugin file: wp-content/plugins/tinymce-advanced/uninstall.php

    Yet when I click on “View Differences” Wordfence says:

    “There are no differences between the original file and the file in the repository.”

    Should I just “Mark as Fixed” or “Ignore” ?

Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Author Andrew Ozz

    (@azaozz)

    5 years, 7 months ago

    Yes, these files were modified in the last release. Changes can be seen here: https://plugins.trac.ww.wp.xz.cn/changeset/2389441/. Not sure why Wordfence is flagging them but if they are the same as in the plugins repository it seems safe to ignore/mark as fixed imho.

    • This reply was modified 5 years, 7 months ago by Andrew Ozz.
    klynam

    (@klynam)

    5 years, 7 months ago

    Yep, I’m receiving the same Wordfence notifications from several of my sites.

    Rather than just dismissing or ignoring, I’ve been running the “REPAIR ALL repairable files” option which seems to be working fine to remove the warnings.

    (Whether or not that actually updates the files and/or corrects whatever is triggering WF is still tbd I suppose…)

    bobsled

    (@bobsled)

    5 years, 7 months ago

    Repair is a bit drastic and can lead to problems. Wordfence will catch up at some stage with these files. I think it’s much safer to use Ignore all until file changes.

    klynam

    (@klynam)

    5 years, 7 months ago

    @bobsled… my understanding was that “repair” basically restores a target file to current specs per the plug-in’s official WP repository. (In which case, it would seem that TMCE needs to address the issue, not WF.) Please let me know if that’s NOT correct, as it would definitely change my approach to some things – lol.

    In general, I’m uncomfortable “ignoring” anything flagged by WF – and there’s been no OFFICIAL announcement by either plug-in author about these being false positives. The only info I’ve personally found is the post above from @azaozz (which really doesn’t provide much insight into the issue, or inspire much confidence in the recommendation.)

    For the record, I’m now getting RE-alerts from WF on sites w/ TMCE where I DID run the repair option. So whether it’s good or bad to do so, it apparently doesn’t HELP to do so.

    JM2C – and I appreciate the convo…

    bobsled

    (@bobsled)

    5 years, 7 months ago

    I’ve had this issue many times @klynam after a plugin update.

    But you are right that TMCA needs to address the issue, and that’s why your repair didn’t help.

    Scan errors after a plugin update are usually caused by a time lag that sometimes occurs with the plugin author updating and distributing to the ww.wp.xz.cn file.

    Wordfence says this:
    This file belongs to plugin “Advanced Editor Tools (previously TinyMCE Advanced)” version “5.5.1” and has been modified from the file that is distributed by ww.wp.xz.cn for this version.

    Also, as there has been a name change for the plugin, this could also explain why there is a problem.

    In all cases I had like this before, the error disappeared within a few days.

    So hopefully, TMCA will address the issue soon. But until then, I think it is safe to ignore the scan warnings.

    Plugin Author Andrew Ozz

    (@azaozz)

    5 years, 7 months ago

    But you are right that TMCA needs to address the issue

    These files were changed in the latest release. As suggested, perhaps this is a false positive because the plugin was renamed.

    On the other hand it’s possible the files were changed somehow and the alert is genuine. Re-installing the plugin would probably fix this.

    Not sure what can be done on the Advanced Editor Tools side to remedy that.

    Thread Starter junkofdavid2

    (@junkofdavid2)

    5 years, 7 months ago

    Hi guys, here’s the response of Wordfence to me personally via email:

    *******

    Hi [name redacted] thanks for reaching out to us!

    I have had at least a handful of people write in today and yesterday about this issue. It seems that TinyMCE did an update and for some reason, it created some false positives in scans. I believe these are safe to ignore but if you wanted to be certain, you could check with TinyMCE support.

    Let me know what you find!

    Thanks!

    [Name redacted]
    Customer Support Engineer

    bobsled

    (@bobsled)

    5 years, 7 months ago

    I just tried deleting and reinstalling the plugin @azaozz

    It doesn’t help. The same seven errors are still showing in WF.

    Plugin Author Andrew Ozz

    (@azaozz)

    5 years, 7 months ago

    @junkofdavid2 Thanks for letting everybody here know.

    @bobsled Then in your case it seems this is a false positive. It will probably be fixed in Wordfence soon as they are aware.

Viewing 9 replies - 1 through 9 (of 9 total)

The topic ‘Wordfence Warning? File Changes’ is closed to new replies.

Tags