Modified plugin file: wp-content/plugins/wordpress-seo/admin/class-pointers.php

I agree: everyone who uses your plugin and also uses Wordfence received an alert this morning.

Yep. Ten thousand people (I made up the number, but obviously it is a lot) around the world have to research this issue. Your company does so many things well….and we all appreciate it…just think your code release procedure should be tightened up a bit in this regard.

Ditto…got this on multiple sites. Glad wordfence works, unnecessary panic.

I got this too on my WordPress sites using Wordfence – just to confirm – is there anything to be alarmed about?

Another concerned user here. Please confirm that this was an intentional change. I have the plugin running on a production site.

Same warning here and I compared the line with same file in version 2.2.1 and there it also says: amp;selector=972f1c9122 and not id=972f1c9122.

So I uploaded the latest class-pointers.php and everything seems fine.

Hi homerecords
Where did you get the “latest class-pointers.php” from?
Kevin.

Kevin, if you have Wordfence, I think there is an option to just replace the file.

I reverted the plugin changes using WordFence because of the error. I wasn’t sure if it has a compromised file. I echo the sentiments above.

The Wordfence guys think changed code should have a new version number, and i think they are right.

@fritz.barnes Wordfence allow to replace the changed file (in this case the older one) to the original file (in this case the newer one).
But if wordfence – for whatever reason – does not identify all changes of a different version with the same version number the chaos will be perfect.

A better workaround IMHO could be a reinstall of all files by ftp.
But, hey @guys at yoast – this is not the way we love to work with WordPress.

Best practise should be: if soemone changes (even changes in an included library) a new version number is assigned.

No official answer… ??

I reached out to them on twitter also, no answer, yet.

we demand ANSWERS! ??

Thanks for your tweet Darren.

The reason for the minor edit is a change by MailChimp that caused the newsletter signup in the tour to fail (404 error).

This is no reason to update your plugin at all, but it is something we want changed for our new users. Therefore we updated a single line, without changing the version number.
So yes, this was an intentional change.

If you’re using WordFence, you can have WordFence update the file to get rid of the ‘false positive’.

@ [email protected]:

I used the file from the latest plugin download.