Support » Plugin: Yoast SEO » Wordfence warning

  • Resolved susantau


    This morning Wordfence is notifying me of a vulnerability in all my sites that use Yoast (all my sites):

    “Modified plugin file: wp-content/plugins/wordpress-seo/wp-seo-main.php”

    Was this modification done by Yoast? Should I be concerned?

Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Support devnihil


    @susantau We’re sorry to hear you are experiencing this issue on your site.

    If you manually update the plugin to the current version (15.9.1) and overwrite the wp-seo-main.php, does this resolve the warning you are receiving from Wordfence?

    We have instructions on how to upgrade the plugin manually at the following link: You will need an FTP program such as FileZilla and your FTP details, which can be obtained from your host provider.

    This is a joke. really.
    you should release a good update and help us.

    all the plugins do updates and only yours got problems with the firewall…
    with different clients and a couple of websites (I have 3, only me).

    You need to release a fix for it and update your plugin data in properly.

    This is not a big issue to worry about. It happens from time to time with a plugin update. I have had the same occur many times with other popular plugins.

    All it means is that there was a small change between when it was distributed by, which Wordfence checks, and the latter change. In this case, it is only a tiny edit changing one line from define( ‘YOAST_SEO_WP_TESTED’, ‘5.7’ ); to define( ‘YOAST_SEO_WP_TESTED’, ‘5.6’ ).

    The best action to take is to ignore the error because it really is just a false positive. It will disappear when Yoast next updates the plugin. It’s usually every two weeks, so not long to wait.

    The other solution is to delete and reinstall the plugin. But it’s hardly worth the time and effort for something that is not a problem, only a small annoyance.

    Plugin Support Pcosta88



    The warning from WordFence means we made a change to the plugin but did not add a new version number to it. This guide explains more:

    We recommend either re-installing the whole plugin using File Transfer Protocol (FTP) or ignoring the notificatin.

    You can learn more about how to update manually using FTP here: You will need an FTP program such as FileZilla and your FTP details, which can be obtained from your host provider. 

    You may download the zip file from your My Yoast download section here: If you do not have a My Yoast account please use this guide to create one: Note that you will need your purchase email to create the account.

    Alternatively, your host provider may be able to help or suggest a different method to install Yoast. When you update using FTP you are not expected to lose your SEO data or settings.

    • This reply was modified 8 months, 3 weeks ago by Pcosta88.

    Thanks for pointing this out. I’m Tim, the Lead Customer Support Engineer at Wordfence and Taco, the Community manager at Yoast, was so kind as to let me answer here.

    In most plugins there is a readme.txt file that, among other things, includes the “Tested up to” value that tells users what version of WordPress the plugin works with. Yoast has changed their code a little (which is totally fine) and added a constant in the code that also includes that information. Wordfence ignores text changes in the readme.txt file but changed code in a plugin is something you should know about. When a site is compromised often times changed code in plugins or themes, or even WordPress core files, is the first sign that something is amiss.

    In this particular case Yoast released version 15.9.1 and this value was not changed and still indicated that the plugin was only tested up to WordPress version 5.6. Team Yoast quickly spotted the problem and fixed it in the repository at effectively releasing a second version of 15.9.1. This version corrected the constant to indicate that the plugin is tested up to WordPress version 5.7. As a result, if you had updated before the change was made you would get the scan warning you saw. If you updated after the change, you wouldn’t.

    To fix this, just choose the repair option for that scan result. It will fetch the corrected version and replace the old version on your site. Since this is just a constant there should be no problems at all.

    I might add that Team Yoast is very on top of these things and super responsive. Thanks Taco and Team Yoast for taking care of this so fast!


    Thread Starter susantau


    Hi Tim,

    Thanks so much for your very articulate explanation.

    I’d love to address this issue using the Repair method, but I ran into an issue when I tried to do a Wordfence Repair on the file for two of my websites: when I click to download a backup within the Repair dialog, I get a “This site can’t be reached” message.

    The error message for one of those sites looks like this:
    The webpage at might be temporarily down or it may have moved permanently to a new web address.

    Both sites seem to be working fine.

    And it seems I can’t click to proceed with the Repair unless I’ve clicked to download a backup first.

    I will appreciate if you could point me in the right direction if I’m doing something wrong.

    Thanks again!

    Plugin Support Md Mazedul Islam Khan


    @susantau we are sorry to hear that you’re having trouble using the Repair option that @wfsupport mentioned. In this case, you can simply reinstall the Yoast SEO plugin and that shall fix the issue.

    Note: we have released Yoast SEO v15.9.2 today and once you update the plugin to the latest version, the relevant notice from Wordfence shall disappear automatically.

    Let us know whether the issue persists!

    Thread Starter susantau


    I’ve just updated to 15.9.2 and a WordFence scan comes up all good.

    Thanks to all.

    Plugin Support Michael Tina



    We’re glad to hear it! We’ll be setting this forum topic to resolved.

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘Wordfence warning’ is closed to new replies.