WARNING MESSAGE – Modified plugin file

Hi

Can you post the differences? There should be a link to do that.

One of the problems with wordpress plugins is that often authors don’t bother to do a proper release (showing the need for an update) and just edit the code directly in the repository. Since we mirror the wordpress.org repository if they do that without a release when you do a scan and come to our servers to get the code we see that your code is not the same code we have for the version of plugin you are using. The fastest way to confirm is to ask the author if he made changes, alert them to the fact that we see different files, and then hopefully they’ll do a proper release and resolve the issue. If they didn’t make the change or the code looks malicious then it is possible someone used an exploit into your site to change code. One of the things I like to do is to disable the theme and plugin editor in the admin section. http://www.wpbeginner.com/wp-tutorials/how-to-disable-theme-and-plugin-editors-from-wordpress-admin-panel/ Its not fool proof, but it will help. And if you think you have been hacked please follow the instructions here:
http://docs.wordfence.com/en/My_site_was_hacked._How_do_I_use_Wordfence_to_clean_it%3F

tim

Sorry, Jan. That’s what I meant and what I get for answering forum posts first thing in the morning. 🙂
tim

@Barnez – again, spot on 🙂

Always try and let the plugin developer know. Sometimes its just inexperience or not thinking about how it affects security that the developer hasn’t thought of. I know one of the things WF values is customer suggestions. Some of the best ideas come from your thoughts. I’m sure the dev, if they were smart, would agree.

tim