Support » Plugin: WPS Hide Login » Modified plugin file: wp-content/plugins/wps-hide-login/wps-hide-login.php

  • Resolved Panos

    (@xpanos)


    Greetings,

    Occationally, After Wordfence scanning the files for unknown file modifications it brings up with an error (as an important one): Modified plugin file: wp-content/plugins/wps-hide-login/wps-hide-login.php

    These happens quite offen lately (twice every month) and due to the fact that there is no plugin update causing that, is it something that an attacker causing that? Is it something normal, is it something to worry about? Can u help?

    ps Wordfence during the period of these scans doesnt find any other attack to the site.

    Worry or not?
    Thanx in advance

Viewing 6 replies - 1 through 6 (of 6 total)
  • Thread Starter Panos

    (@xpanos)

    Am I suppose there is no issue there? Is it a false positive from wordfence?

    Plugin Author NicolasKulka

    (@nicolaskulka)

    no problem

    Thread Starter Panos

    (@xpanos)

    No problem what?

    No problem that you will reproduse the problem?

    No problem that this is not an actual problem? And if thats the case why its been reported several times as a medium severity issue after Wordfence scan? It always saws that this file its been modified, without any need on modification as you dont provide an update for that in order for this file to be changes..!!

    We are talking about the login page of our site and not for a plugin that its not so important and its getting more important issue after wordfence marked it several times as a medium importance issue. The “No problem” answer its not reflecting the agony we have about that.
    Today after a week of no response we are searching another solution instead of your plugin, except if you can come around with a better answer than “No problem”
    No offence
    rgrds

    Plugin Author NicolasKulka

    (@nicolaskulka)

    We do not modify a single file without updating, so surely a false positive of the Wordfence plugin

    Thread Starter Panos

    (@xpanos)

    Thanx for your immediate reply.

    Unfortunatelly the thing that you didnt change any file without updating and due to the reason that there was no wps hide login update in the period of time that this problem occurred (twice in the previous month), doesnt come to the conclusion that was a false-positive. It comes to the conclution that either an attacker found a way to modify your plugin’s file and Wordfence has no clue about that or that there must be a known breakage issue that makes your plugin vulnerable in attacks.
    Either ways need more investigation from your side of view.
    Thanx again for your reply.

    Thread Starter Panos

    (@xpanos)

    Here is the link of Wordfence scan’ printscreen, that saws exactly my claim:

    https://pasteboard.co/JAMzQQb.jpg

    Rgrds

    • This reply was modified 1 year, 6 months ago by Panos.
Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Modified plugin file: wp-content/plugins/wps-hide-login/wps-hide-login.php’ is closed to new replies.