Plugin Author
Mark-k
(@mark-k)
@userwords, can you please share with us the exact message it gives so we can speak with the wordfence guys
Here you have:
Modified plugin file: wp-content/plugins/category-posts/cat-posts.php
Filename:
wp-content/plugins/category-posts/cat-posts.php
File type:
Plugin
Issue first detected:
11 days 2 hours ago.
Severity:
Warning
Status
Ignoring this file until it changes
This file belongs to plugin "Category Posts Widget" version "4.1.7" and has been modified from the file that is distributed by WordPress.org for this version. Please use the link to see how the file has changed. If you have modified this file yourself, you can safely ignore this warning. If you see a lot of changed files in a plugin that have been made by the author, then try uninstalling and reinstalling the plugin to force an upgrade. Doing this is a workaround for plugin authors who don't manage their code correctly. [See our FAQ on www.wordfence.com for more info]
Plugin Author
Mark-k
(@mark-k)
For testing we are running now with a new version in the repository, but we did not bump yet the version number, and that is probably the cause for that message. Didn’t know that WordFence do such test and will take it under consideration from now on.
If you want to be on the safe side, you can download the plugin from the repository and upload it via FTP, or just edit the file and change the version number to 4.1.6 to trigger the automatic update mechanism.
In any case we will probably do a formal release this week.
@userwords: It’s why we update the wordpress.org svn without increase the version number. I do this after we had to publish a patch version, then there were in the same place another mistake. I called it a ‘trick’ and do this no more. Especially when there are security tools that detect such tricks. After this incident we decided to write automated test. Now we plan a next version number increase which will extinguish your warnings.
