Support » Fixing WordPress » old wordpress files not removed after wp5.8 update

  • Resolved shron_shron77


    Low Severity Problems:

    * Old WordPress core file not removed during update: wp-includes/css/dist/editor/editor-styles-rtl.css

    * Old WordPress core file not removed during update: wp-includes/css/dist/editor/editor-styles-rtl.min.css

    * Old WordPress core file not removed during update: wp-includes/css/dist/editor/editor-styles.css

    * Old WordPress core file not removed during update: wp-includes/css/dist/editor/editor-styles.min.css

    The page I need help with: [log in to see the link]

Viewing 9 replies - 1 through 9 (of 9 total)
  • Hari Shanker R


    Hi @shron_shron77

    Thanks for flagging this with us. I’m guessing from your message that you got this notification while scanning using a security plugin (such as WordFence or Sucuri), is that right?

    This could be because hosting providers that provide managed WordPress hosting leave old WordPress files in place and set permissions so that they can’t be deleted.

    Please reach out to your hosting provider about this error, and they should be able to fix this for you.

    Let us know if you have any other questions.

    @harishanker: This is a known bug that’s being tracked in the issue linked above, and scheduled to be fixed in 5.8.1. It’s not a hosting- or plugin-related problem.

    Hari Shanker R


    My bad, I stand corrected, @gappiah. Sorry I missed your reply before I commented! I hope this bug gets fixed soon. Thanks for the flag and the helpful reply, George!

    Thread Starter shron_shron77


    thanks guys!

    I wander how long before this vulnerability is exploited hopefully a fix comes sooner rather than later.

    Moderator James Huff


    Volunteer Moderator

    It’s not a vulnerability @thyran

    4 CSS files used by WordPress 5.7, but not 5.8, were simply not removed during update to 5.8.

    They will be removed when updating to WordPress 5.8.1 when it’s released later.

    For more details, see

    Again, this is not a vulnerability.

    Thanks for that clarification my WAF picked it up as a threat a low one but still a threat so I assumed it was one since it detected it as one.
    Reading online and it appears css files are not impervious to security vulnerabilities. I guess this is why it is detected as one.

    Moderator James Huff


    Volunteer Moderator

    I’m pretty sure they’re just detecting it as files that shouldn’t exist, but only they can answer why.

    I can definitely confirm there are absolutely no vulnerabilities in these files.

Viewing 9 replies - 1 through 9 (of 9 total)
  • You must be logged in to reply to this topic.