Modified plugin file Notice

  • Resolved Mitch

    (@n2rga)


    7 years, 6 months ago

    I have been getting these notices on a few plugins over a few months now. seem since the new www.remarpro.com plugin site has been active.
    The latest is
    Modified plugin file: wp-content/plugins/wp-mail-smtp/wp_mail_smtp.php
    I downloaded the plugin on the site and downloaded a new version or I should say the same version number with files that were changed.
    after comparing I found
    this changed code

    What I believe is happening is the authors are changing the files on www.remarpro.com and not changing the version number.

    I know this is not the problem of wordfence its doing its job. the reason for thes post is two fold.
    1. Warn other users their files are not being hacked and whats going on.
    2 and most importantly Ask wordfence maintainers to work with WordPress and fix the problem of authors changing files on the fly and not putting out a change of version number so we can update the plugin.
    thanks
    Mitch

Viewing 2 replies - 1 through 2 (of 2 total)

  • Hi Mitch,
    Yes, it happens sometimes that developers add new code to their plugin or theme without increasing the version number and without creating a new “tag”, right now you just need to use your best judgment while checking these changes and maybe sending a friendly email to the plugin author asking him to create a new tag for this version according to the “WordPress guidelines on version control“.

    We have seen similar reports like this one regarding readme.txt and readme.md files in the past, so starting from version 6.3.5, changes to these files were ignored by the scanner unless high sensitivity is on, but this doesn’t apply to the main plugin file as in this case.

    Thanks.

    Thread Starter Mitch

    (@n2rga)

    thanks I just did that on one of my site just now
    Mitch

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Modified plugin file Notice’ is closed to new replies.