Hi,
Likely hackers have broken into your WordPress site, and placed their code in as many files as they could.
Note that once hackers break in, they try to place code everywhere – so, if the code has been placed in UpdraftPlus, that doesn’t mean that they haven’t placed it elsewhere too (they probably have) or that they broke in using UpdraftPlus (in a typical WP install, all files have the same permissions, so after breaking in anywhere, you can over-write anything).
You’ll want to replace any plugins that WordFence is showing differences for with a clean copy; and make sure everything’s up to date, and change passwords for all users, etc.
Best wishes,
David
I’ve just seen the same thing on a client’s site. Here’s the WordFence report:
Recently Modified Files
febrero 18, 2016 3:41pm
wp-content/plugins/updraftplus/vendor/guzzle/guzzle/src/Guzzle/Service/Resource/ResourceIteratorFactoryInterface.php
febrero 18, 2016 3:41pm
wp-content/plugins/updraftplus/vendor/guzzle/guzzle/src/Guzzle/Service/Exception/ValidationException.php
febrero 18, 2016 3:41pm
wp-content/plugins/updraftplus/vendor/guzzle/guzzle/src/Guzzle/Service/Exception/ResponseClassException.php
febrero 18, 2016 3:41pm
wp-content/plugins/updraftplus/vendor/guzzle/guzzle/src/Guzzle/Service/Resource/CompositeResourceIteratorFactory.php
febrero 18, 2016 3:41pm
wp-content/plugins/updraftplus/vendor/guzzle/guzzle/src/Guzzle/Service/Resource/ResourceIteratorApplyBatched.php
febrero 18, 2016 3:41pm
wp-content/plugins/updraftplus/vendor/guzzle/guzzle/src/Guzzle/Service/Resource/ResourceIteratorClassFactory.php
febrero 18, 2016 3:41pm
wp-content/plugins/updraftplus/vendor/guzzle/guzzle/src/Guzzle/Service/Resource/ResourceIteratorInterface.php
febrero 18, 2016 3:41pm
wp-content/plugins/updraftplus/vendor/guzzle/guzzle/src/Guzzle/Service/Resource/Model.php
febrero 18, 2016 3:41pm
wp-content/plugins/updraftplus/vendor/guzzle/guzzle/src/Guzzle/Service/Exception/CommandException.php
febrero 18, 2016 3:41pm
wp-content/plugins/updraftplus/vendor/guzzle/guzzle/src/Guzzle/Service/Exception/ServiceBuilderException.php
You’ll want to check that your site’s not been hacked. There’s no reason for those files to be modified.
When a hack happens, finding out which files the hackers modified doesn’t indicate how they got in – because, once they get in, they can modify anything. Modifying popular plugins is common, because popular plugins are more likely to exist on the site, and so they’re looked-for first.
David