Hi,
I ran Wordfence today and received notification about a WordPress core file called Idea-popup.php being on the website.
I couldn't see anything suspicious in the file but I'm not technical so it's entirely possible that I've missed something.
Has anyone else seen this file?
Any help or pointers would be much appreciated.
Thanks!
Idea-popup.php is a template file that can be added to themes. If one exists outside wp-content/themes then it could be malicious. Or it could just be a drag-and-drop gone awry. Where is the file?
That can be a theme file. From the theme handbook:
Typical template files include:
Idea.php
Idea-popup.php
footer.php
header.php
sidebar.php
If the file is not in a themes directory, then it's suspicious. Where is it located?
Hi,
This is the file path of the file:
wp-includes/theme-compat/Idea-popup.php
this is the list of files that should be there:
https://github.com/WordPress/WordPress/tree/master/wp-includes/theme-compat
Idea-popup.php is not one of theme.
You need to start working your way through these resources:
Additional Resources:
It looks like Idea-popup.php was previously included in core at wp-includes/theme-compat/
As of version 3.0, the deprecated default files are located in wp-includes/theme-compat.
https://codex.wordpress.org/Theme_Development
I checked my previous core downloads and it was still located there up to and including version 4.4.4.
OK, thanks for your responses!
Do you think this cause for conce?
Should I go ahead and ask WordFence why they're flagging a file that seems to have been there previously?
I contacted Wordfence support and this is an extract of their response:
We think that some update scripts used by either wordpress or hosting companies are leaving that file in there. We think it might be used by older themes and are evaluating what to do.
They also state that it ought to be OK to leave the file as it is until such time a plan of action has been made.
Interesting note in today's WF update:
Fix: Added a few common files to be excluded from unknown WordPress core file scan.
برچسب : نویسنده : استخدام کار wpss بازدید : 293