• Hello,

    We received a notice in the mail that WordPress has been updated but not updated.
    The only action taken was to hide the button for this update in the “Updates” submenu of the dashboard.

    It’s not a big deal, but it caused a little fright in our team.

    Thank you for taking this message into consideration and have a good day.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author nintechnet

    (@nintechnet)

    Maybe someone incidentally clicked on the button? The link must be clicked to trigger the notification.

    Hi !

    It could have been, but no.

    The NFW notification gives several information:
    – the type of action -> update
    – the target version -> 5.2.4 (currently in 4.9.12)
    – the identifier of the user who operated
    – the IP address of the user
    – the date and time
    – the url of the site concerned

    I can assure you that we checked before we contacted you.
    The site is still in 4.9.12 and the user who hid the update knows WordPress very well and was not mistaken.

    Have a nice day !

    Plugin Author nintechnet

    (@nintechnet)

    That’s very odd indeed.
    As you can see in the source code, the following conditions must be met to trigger the alert:
    1. The /update-core.php script must be requested.
    2. The $_GET['action'] must be set to do-core-upgrade.
    3. The user must have the update_core capability.

    If it happens again, check your HTTP log to see the request.

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.