Plugins Marked as Changed, but No Changes Show Upon Review

  • Resolved mpedersen

    (@mpedersen)


    3 years ago

    Both the Limit Login Attempt Reloaded and Job Board WP plugins were recently flagged as having been modified (in the latter, something like 39 files), yet when attempting to view the modifications, the viewer reported that there are no differences between the server and repository files..

    Manually downloading the plugins from the WP site and then uploading them has cleared out the issue on a subsequent scan FOR the first plugin. I suppose the real question here is why these potentially false reports occurred?

    The second plugin, even when I manually uploaded straight from the WordPress site, it is still being flagged as having been “modified”.

    • This topic was modified 3 years ago by mpedersen.
Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @mpedersen, thanks for getting in touch.

    Sometimes it’s been known for a scan to start running around the same time as automatic/manual plugin updates are performed, so picks up the outdated plugins at the start but won’t realize plugins have been updated by the time it ends.

    On the free version of Wordfence, a quick scan runs every day, and a full scan runs every 72 hours. The quick scan does check for WPScan vulnerabilities and repository versions, but an updated repository status against your installed plugin list will not refresh until the next full scan is run manually or automatically. This may mean the notice of a modified plugin persists between scans.

    It is also possible sometimes for plugin developers to make a minor update and not increment the version number of their plugin. This should also get spotted and updated when our servers check for latest plugin repository versions at www.remarpro.com, but this happens at set intervals during the week so can appear as modified until then.

    Let me know if this persists after around 48-72 hours when these updates have had a chance to happen and I can dig a little deeper.

    Peter.

    Thread Starter mpedersen

    (@mpedersen)

    Just following up that this problem appears to continue, at least with the Jobs Board plugin. While I did not go through and check the 30+ files reported as being modified, the ones I did check all come back as follows when “viewing differences”:

    The two panels below show a before and after view of a file on your system that has been modified. The left panel shows the original file before modification. The right panel shows your version of the file that has been modified. Use this view to determine if a file has been modified by an attacker or if this is a change that you or another trusted person made. If you are happy with the modifications you see here, then you should choose to ignore this file the next time Wordfence scans your system.

Filename:	wp-content/plugins/jobboardwp/templates/job/info.php
File type:	Plugin File
Plugin Name:	JobBoardWP
Plugin Version:	1.1.0

<strong>There are no differences between the original file and the file in the repository.</strong>
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Plugins Marked as Changed, but No Changes Show Upon Review’ is closed to new replies.