Just received the same Wordfence warning.
There’s a pushoverhandler.php file in this github. Not sure if that’s relevant.
I’m not familiar with the Monolog package that’s mentioned at the top of the linked file in Wordfence. (Doesn’t mean it’s not legit though!)
Same here with a handful of my client’s site so far.
Hello @creativechaos @javenarius @pixelkituk @cowbelly,
We understand your concern. This warning originates from the Google API Client Library, which FluentSMTP utilizes for certain functionalities. It appears that Wordfence is flagging http://api.pushover.net/, possibly due to its presence on their domain blocklist.
This is more of a warning than a critical error. While we understand the unease it causes, there are no known code-related vulnerabilities within FluentSMTP associated with this URL. We’re monitoring the situation and hoping Google will address this on their end, as it concerns their own library.
In the meantime, you can continue using FluentSMTP to send emails without immediate concern. The warning doesn’t necessarily indicate an active threat or vulnerability in FluentSMTP itself. If the situation changes and requires action from our end, we will definitely notify you.
We appreciate you bringing this to our attention.
That’s URL is coming from Monolog Library and not sure why Wordfence is making it as suspected malware. It’s definately a false positive.
These Security Plugin Companies should be more responsible.
Just to add another line: I have opened a ticket with WordFence: https://wordpress.org/support/topic/false-positive-warning-for-fluentsmtp-plugin/
Please feel free to continue the conversation in that thread as well or you also open ticket with wordfence.
@techjewel This is just to provide additional information: I just ran a Wordfence check on one of our websites (all of our site are of course running FluentSMTP), and Wordfence didn’t report any issues with FluentSMTP.
I too am getting the warning. Please update this thread as you get answers from Wordfense.
@jharries Interesting. I wonder why not all Wordfence customers get the warning.
Hi All,
I just heard from Wordfense (I’m a premium customer) and it is indeed a false positive. They are fixing it now and it will not show on the next scan.
Note that t his is only second false positive I have had from Wordfence in over five years. Not too shabby. And I would rather the occasional false positive than a false negative!
Big thanks to @techjewel for being so on top of things! I’m convinced you are the best developer in the WordPress industry!
Thanks for checking in to this @jharries. I had a feeling it was a false positive but came here to make sure.
I went ahead and hit ignore in WordFence.
