Legitmate Tinymce Files or Not?

  • Resolved mwarbinek

    (@mwarbinek)


    7 years, 9 months ago

    I manage several WordPress installs and use WordFence for my security. On all the installs, Tinymce Advanced is also installed. On two of the installs, WordFence gave alerts to some files it says are not part of the original installs.

    These files are:
    tinymce(dot)json, tinymce-small(dot)json, moxieplayer(dot)swf

    These files are located in the tinymce folder under wp-includes.

    I checked the original install ZIP files from WordPress and Tinymce Advanced to see that these files Do Not exist in either original core installs.

    I checked the other WordPress installations where these warnings did not occur and checked the file/folder locations to find these 3 files Do Not exist.

    In the past, the moxie player file was known to be a vulnerability and allowed hackers to access the WordPress install via the browser.

    This tells me, at least, that Tinymce Advanced does not use these files, but I do not know for sure.

    Can a Tinymce Tech confirm whether Tinymce uses these files?

    Thanks

Viewing 7 replies - 1 through 7 (of 7 total)
  • Thread Starter mwarbinek

    (@mwarbinek)

    Resolved:

    When I tried to delete the said files, I could not delete or rename them, access was denied by FTP.

    As a result, I contacted the webhosting service, GoDaddy. These two WordPress installs are under their “Managed WordPress” hosting packages. The wp-includes folder and wp-admin folder are locked and only GoDaddy can make changes.

    GoDaddy also confirmed that the said files are theirs. Their WordPress plugins that are included with their Managed WordPress installs requires those files.

    The answer to my request is “Tinymce Advanced” does not use those files and does not include them in the plugin install. The same with WordPress install, it does not include those files. Only GoDaddy inserts those files.

    Matter is resolved.

    Note: if you happen to read this post years from now, and those files still appear in your WordPress install, check with your webhosting service.

    Thanks for this information. Very good of you to post and very good to know. Shocking that GoDaddy can’t communicate this with Wordfence. Absolutely Shocking!

    • This reply was modified 7 years, 8 months ago by Brian North. Reason: 1st Post is always Beta

    Thanks! I saw the same thing and found your post about it here. The site that WF flagged is also on GD MWP hosting. Cheers!

    Thanks for posting this. You’ve saved me a lot of time in tracking down the origin of these files. I recently rebuilt a site from scratch that was initially created on GoDaddy MWP explicitly to clean out whatever crap GD put in there that was causing a few glitches. But I exported the content, assuming that would not pass on any of the GoDaddy nonsense – and somehow these files resurfaced in the Wordfence log on the clean install.

    Thread Starter mwarbinek

    (@mwarbinek)

    Glad I can help.

    If anyone does a reinstall or migrates their website, on different web hosting service, or in a “non-Wordpress” hosting package of GoDaddy (check with them to make sure), the files “tinymce(dot)json, tinymce-small(dot)json, moxieplayer(dot)swf’ are not required.

    If you still find these files, which ever hosting service you use, first check with your Website Host to see if they installed those files. If they did not, delete them. If you still cannot delete them and the Hosting Service did not install them, but the files are locked, get the Hosting Service to delete them.

    Thank you so much for taking the time to research this potential malware issue and post your results in resolving it.

    womanof2day

    (@womanof2day)

    Thank you for paying it forward!!! Because it takes time, patience and persistent sometimes with getting answers. Thanks again!!!

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Legitmate Tinymce Files or Not?’ is closed to new replies.