Title: Malware in Yoast? Last modified: August 31, 2016 --- # Malware in Yoast? * Resolved [Ninjamankid](https://wordpress.org/support/users/ninjamankid/) * (@ninjamankid) * [10 years, 2 months ago](https://wordpress.org/support/topic/malware-in-yoast/) * Wordfence just alerted me on this: * Alert generated at Thursday 10th of March 2016 at 02:52:39 PM Critical Problems:* File contains suspected malware URL: /home/mysite/www/wp-content/plugins/wordpress- seo-premium/changelog.txt * * File contains suspected malware URL: /home/mysite/www/wp-content/upgrade/MTQ2MjY5MzkwMjpmNzQ1NmI2Zjk0ZTQ2MzQ1NWM0NzRhM2IzOWZkMmNkYjoxMDUyNDM6Y2RiMWJmNmIxMjY2ZDBiNzJjNmFjNjhkMWZmYzllYTA6aHR0cHNALy93d3cubm9yZGljZ3JlZW4uc2U- M5HAdr/wordpress-seo-premium/changelog.txt * Yoast version: 3.1.1 * Probably nothing. * Johan * [https://wordpress.org/plugins/wordpress-seo/](https://wordpress.org/plugins/wordpress-seo/) Viewing 8 replies - 1 through 8 (of 8 total) * [daverempel](https://wordpress.org/support/users/daverempel/) * (@daverempel) * [10 years, 2 months ago](https://wordpress.org/support/topic/malware-in-yoast/#post-7157915) * I got a similar notice on one of my sites. Using free Yoast Seo * Thread Starter [Ninjamankid](https://wordpress.org/support/users/ninjamankid/) * (@ninjamankid) * [10 years, 2 months ago](https://wordpress.org/support/topic/malware-in-yoast/#post-7157926) * I use the Professional version. * [daverempel](https://wordpress.org/support/users/daverempel/) * (@daverempel) * [10 years, 2 months ago](https://wordpress.org/support/topic/malware-in-yoast/#post-7157929) * Yes I know. I was pointing out that this occurred in the other version. I thought that might be relevant to the overall cause. * [Scott Wild](https://wordpress.org/support/users/wildinspire/) * (@wildinspire) * [10 years, 2 months ago](https://wordpress.org/support/topic/malware-in-yoast/#post-7157992) * File contains suspected malware URL: /home3/warfordo/public_html/wp-content/plugins/ wordpress-seo-premium/changelog.txt Filename: wp-content/plugins/wordpress-seo- premium/changelog.txt Bad URL: [http://wordpresssupplies.com/wordpress-plugins/no-category-base/](http://wordpresssupplies.com/wordpress-plugins/no-category-base/)) File type: Not a core, theme or plugin file. Issue first detected: 5 hours 54 mins ago. Severity: Critical Status New This file contains a suspected malware URL listed on Google’s list of malware sites. Wordfence decodes base64 when scanning files so the URL may not be visible if you view this file. The URL is: [http://wordpresssupplies.com/wordpress-plugins/no-category-base/](http://wordpresssupplies.com/wordpress-plugins/no-category-base/))– More info available at Google Safe Browsing diagnostic page. * [daverempel](https://wordpress.org/support/users/daverempel/) * (@daverempel) * [10 years, 2 months ago](https://wordpress.org/support/topic/malware-in-yoast/#post-7157996) * So I looked through the text file in question and saw a reference to the site url listed above. Does anyone know if that is sufficient for WordFence to flag it? I checked the changelog.txt ( for the free version of Yoast seo) file in virustotal and it came back fine. I don’t know enough about base64 encoding to know if it could still be malicious.Hopefully a more experienced user can clarify this. * [fstopusa](https://wordpress.org/support/users/fstopusa/) * (@fstopusa) * [10 years, 2 months ago](https://wordpress.org/support/topic/malware-in-yoast/#post-7158012) * I just got this same notice for three sites. The problem appears to me to be the fact that the url [http://wordpresssupplies.com/wordpress-plugins/no-category-base/](http://wordpresssupplies.com/wordpress-plugins/no-category-base/)) is listed in the file that is on my site which, in this case, is the Yoast SEO changelog.txt file. It is just a reference to something that has been fixed in the past, etc. * However, it looks like wordpresssupplies.com has been flagged by Google for hosting malware. My guess is that WordFence is marking it as a problem because of that link being listed in the blacklist that Google has. * It should not be a problem for your site as it is not a “live” file. It would only be harmful to someone if they visited that wordpresssupplies.com site. * I’m not 100% sure this is the issue, but it looks most likely to me. * Plugin Contributor [Joost de Valk](https://wordpress.org/support/users/joostdevalk/) * (@joostdevalk) * [10 years, 2 months ago](https://wordpress.org/support/topic/malware-in-yoast/#post-7158030) * [@fstopusa](https://wordpress.org/support/users/fstopusa/) is completley right. WordFence is throwing a far too big warning for an issue so small. Feel free to delete the file, the link will be gone in the next release. * Thread Starter [Ninjamankid](https://wordpress.org/support/users/ninjamankid/) * (@ninjamankid) * [10 years, 2 months ago](https://wordpress.org/support/topic/malware-in-yoast/#post-7158032) * Thankfully it turned out to be much ado about nothing. Thanx everyone for your help. Viewing 8 replies - 1 through 8 (of 8 total) The topic ‘Malware in Yoast?’ is closed to new replies. * ![](https://ps.w.org/wordpress-seo/assets/icon-256x256.gif?rev=3419908) * [Yoast SEO - Advanced SEO with real-time guidance and built-in AI](https://wordpress.org/plugins/wordpress-seo/) * [Frequently Asked Questions](https://wordpress.org/plugins/wordpress-seo/#faq) * [Support Threads](https://wordpress.org/support/plugin/wordpress-seo/) * [Active Topics](https://wordpress.org/support/plugin/wordpress-seo/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wordpress-seo/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wordpress-seo/reviews/) * 8 replies * 5 participants * Last reply from: [Ninjamankid](https://wordpress.org/support/users/ninjamankid/) * Last activity: [10 years, 2 months ago](https://wordpress.org/support/topic/malware-in-yoast/#post-7158032) * Status: resolved