Wordfence alert on changed files

  • Resolved syzygist

    (@syzygist)


    3 months, 2 weeks ago

    Users of the Wordfence security plugin (5+ million) who also have your plugin installed got this notice yesterday:

    Medium Severity Problems:

    • Modified plugin file: wp-content/plugins/premium-addons-for-elementor/includes/helper-functions.php
    • Modified plugin file: wp-content/plugins/premium-addons-for-elementor/widgets/premium-svg-drawer.php

    This is a notification that the version of the file in the user’s installation differs from the version in the repo, and is meant to alert users to hacked files. Wordfence provides a tool to compare the changed file, and also to update it to match the file in the repo, but for users without advanced coding skills, there is no way to assess whether the plugin author has not followed proper procedure in making an update to the plugin, or the file on their site has actually been hacked.

    Unfortunately, the authors of this plugin have a long history of making such changes improperly (your last such change was less than a week ago). Please stop that. You are making a LOT of extra work for a LOT of people who maintain sites. If you change a file, release it in a new version of the plugin. That is what you are supposed to do.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Leap13

    (@leap13)

    Hi @syzygist

    Please accept my apology for any inconvenience you are having.

    I have sent this to our devs team and we will take this into consideration and will release a new version of Premium Addons within an hour to fix this.

    Regards

    Thread Starter syzygist

    (@syzygist)

    I appreciate your courteous response, and prompt attention to this matter.

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.