High Severity Problems

  • Resolved sayedr

    (@sayedr)


    1 year, 5 months ago

    Hello, Today I got this email from Wordfence.

    “High Severity Problems:

    * WordPress core file modified: wp-includes/SimplePie/Enclosure.php

    Medium Severity Problems:

    * Modified plugin file: wp-content/plugins/tutor/assets/packages/SocialShare/SocialShare.js

    * Modified plugin file: wp-content/plugins/tutor/assets/packages/SocialShare/SocialShare.min.js

    * Modified plugin file: wp-content/plugins/tutor/assets/packages/plyr/plyr.min.js

    * Modified plugin file: wp-content/plugins/tutor/assets/packages/plyr/plyr.polyfilled.min.js

    * Modified plugin file: wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.js”

    Also, in Wordfence scan page I see ” WordPress core file changed” and the plugin mark it high alert. What should I do know? Is anything wrong with my site? Please let me know. Thank you

Viewing 4 replies - 1 through 4 (of 4 total)
  • Thread Starter sayedr

    (@sayedr)

    I just want to forget to share one thing: My site was in HTTP format. Now I installed SSL. And my site is now in HTTPS. Is that the reason to show the alert?

    In view ” diffrences”tab in modified file for wordprss core. woocommerce plugin, I have seen only change is HTTPS>HTTP(befor changing it was HTTP)

    ?This is the changing example for woocoomerce plugin:? ?// convenience method for quick growl-like notifications?(https://www.google.com/search?q=growl)?34? ? ? ?// convenience method for quick growl-like notifications?(https://www.google.com/search?q=growl

    For Tutor LMS plugin I can not identified any change because there are so many lines on that page.

    Hello @sayedr , thank you for reaching out.

    You are correct with the change from HTTP to HTTPS causing the file scan result, it is safe to disregard those alerts. If you click Ignore on the right side of the scan results then it will hide those alerts in the future.

    As for the tutor lms plugin, were there any changes made to files before the installation of SSL?

    A diagnostic might help me check the version for any vulnerabilities in our database, you can send the diagnostic report to wftest @ wordfence . com. You can find the link to do so at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

    NOTE: It should look as follows – Screenshot of Tools > Diagnostic > Send by Email

    Thank you,

    Christian

    Thread Starter sayedr

    (@sayedr)

    Thanks for replying to me!
    No there were no changes made before installing SSL.
    Also, I found the change in tutor LMS. It is the same change as the WordPress core file. I mean only change in Tutor LMS is HTTP to HTTPS.

    Hello @sayedr , glad I could be of assistance.

    If the only changes are with http to https and there are no changes to the files prior to the introduction of SSL then you are safe to mark IGNORE on those results.

    Thank you,

    Christian

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘High Severity Problems’ is closed to new replies.