This documentation is only valid for older versions of Wordfence. If you are using Wordfence 7 or later, please visit our new documentation.

Understanding scan results

From Wordfence Documentation
Revision as of 14:36, 15 June 2017 by WFMattr (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Scan results can require some interpretation, and you might take different actions depending on how you run your WordPress site. Below are details of of some of the scan results.

Plugin appears to be abandoned

This scan result was added in version 6.3.11.

This scan result means that a plugin has not been updated in 2 years or more. This can be a problem, since it means the plugin author has not made any changes for a long period of time. Sometimes that means it won't be fully compatible with newer WordPress versions, reported bugs may not be fixed, and new security issues might not be addressed.

The scan result also shows if this plugin has a known security issue that has not been fixed. If that is the case, it is recommended that you remove the plugin as soon as possible, and replace it with a different plugin if you need the same functionality.

Example scan result:

The Plugin "Plugin Name" appears to be abandoned.
Plugin has unpatched security issues.
It was last updated 2 years 11 months ago. It has unpatched security issues and may have compatibility problems with the current version of WordPress


Resolution: If you are certain that the plugin is still safe, and the scan result doesn't show unpatched security issues, you can continue to use it, but we recommend that you consider replacing it with a plugin that is currently maintained in most cases. But some small plugins may remain safe and may not need any compatibility changes for new WordPress versions.


Plugin has been removed from wordpress.org

This scan result was added in version 6.3.11.

This is similar to abandoned plugins described above, but in this case, the plugin is no longer available to install from wordpress.org, and it will likely never release updates again.

Plugins can be removed from wordpress.org for a variety of reasons, including the author intentionally stopping development, converting it to a "paid only" plugin, or various other reasons that the wordpress.org staff might remove the plugin.

Example scan result:

The Plugin "Plugin Name" has been removed from wordpress.org.
It may have compatibility problems with the current version of WordPress or unknown security issues.


Resolution: In most cases, we recommend removing the plugin and finding a similar plugin that is currently maintained. Some hosts pre-install plugins on all new WordPress sites, so if you have a plugin installed that you have never used, and it is no longer available on wordpress.org, it is best to remove it.

There may also be rare cases where a plugin you have from another source shares a name with a wordpress.org plugin, so if you know that is the case, it would not be necessary to remove it.


Unknown file in WordPress core

This scan checks your WordPress core files and notifies you about files that do not match the current version of WordPress that you have installed.

Example scan result:

Unknown file in WordPress core
This file is in a WordPress core location but is not distributed with this version of WordPress. This is usually due to it being left over from a previous WordPress update, but it may also have been added by another plugin or a malicious file added by an attacker.


Resolution: If you already know about the listed file, you can click the link to ignore the file until it changes. If you don't know what the file is, it may require some investigation.

Some "Managed WordPress" hosting plans do not allow you to change core files, and on some hosts, if a new version of WordPress no longer includes a particular file, it may be left in your site's files. In this case, it is generally safe to ignore the file, or you can contact the host if you believe it should be removed.