-
Wordfence scan is showing 2427 files with an issue. I don't believe I've been hacked because no new users exist and no one has logged in using my credentials. Also, I don't see anything funny in the code if I inspect one of the affected files (not that I know wtf I'm looking at, but it looks legit). If you click on one of the scanned file details in Wordfence (as shown below), the message is:
Filename: /app/data/public/wp-includes/update.php
File Type: Core
Details: This file is in a WordPress core location but is not distributed with this version of WordPress. This scan often includes files left over from a previous WordPress version, but it may also find files added by another plugin, files added by your host, or malicious files added by an attacker.
So my question is, is WF crazy or are these files leftover from a previous WP version?
-
RESOLVED: I updated WP dev to 3.8.0 just now and re-triggered a WF scan. File issues are gone.
Edit: so updating 3.8.0 had nothing to do with it. WF must have updated their list on their end as my other site is still on 3.7.2 and a new scan comes up clean too.
-
My other WP site that I manually updated to 6.7 is showing the same scan issues. Looks like I'm not the only one: https://wordpress.org/support/topic/wordfence-scan-result-unexpected-core-files-after-updating-to-wordpress-6-7/
https://wordpress.org/support/topic/unknown-file-false-positives-after-upgrade-to-wp-6-7/
https://wordpress.org/support/topic/wordfence-market-all-wp-6-7-files-as-suspect/
btw @staff please move this to off-topic as I thought it might be packaging related.. mb!
-