HivePress Favorites 1.2.2, Geolocation 1.3.7, Message 1.3.0, Reviews 1.3.0 have been modified from the file that is distributed by WordPress.org for this version… If you see a lot of changed files in a plugin that have been made by the author, then try uninstalling and reinstalling the plugin to force an upgrade. Doing this is a workaround for plugin authors who don’t manage their code correctly.
Hi,
Please provide more details on how long you have had Wordfence installed and if there have been any recent updates for this plugin. Also, is it specified which file is from the “file distributed by WordPress.org”?
I’m currently using wordfence 7.11.7 which was installed on hivepress 1.7.6 (got the warning since 1.7.7 or 1.7.8).
For more info > Scan Results - Wordfence
Hi,
Thank you for the report. Please let us know which files were modified and with what files (perhaps path, etc., are displayed).
- plugins/hivepress-favorites/hivepress-favorites.php
- plugins/hivepress-favorites/languages/hivepress-favorites.pot
- plugins/hivepress-geolocation/assets/js/common.js
- plugins/hivepress-geolocation/assets/js/common.min.js
- plugins/hivepress-geolocation/includes/components/class-geolocation.php
- plugins/hivepress-geolocation/languages/hivepress-geolocation.pot
- plugins/hivepress-geolocation/vendor/autoload.php
- plugins/hivepress-geolocation/vendor/composer/ClassLoader.php
- plugins/hivepress-geolocation/vendor/composer/InstalledVersions.php
- plugins/hivepress-geolocation/vendor/composer/autoload_real.php
- plugins/hivepress-geolocation/vendor/composer/autoload_static.php
- plugins/hivepress-geolocation/vendor/composer/installed.php
- plugins/hivepress-messages/includes/controllers/class-message.php
- plugins/hivepress-messages/languages/hivepress-messages.pot
- plugins/hivepress-messages/vendor/autoload.php
- plugins/hivepress-messages/vendor/composer/ClassLoader.php
- plugins/hivepress-messages/vendor/composer/InstalledVersions.php
- plugins/hivepress-messages/vendor/composer/autoload_real.php
- plugins/hivepress-messages/vendor/composer/autoload_static.php
- plugins/hivepress-messages/vendor/composer/installed.php
- plugins/hivepress-reviews/assets/css/frontend.less
- plugins/hivepress-reviews/assets/css/frontend.min.css
- plugins/hivepress-reviews/languages/hivepress-reviews.pot
- plugins/hivepress-reviews/templates/review/view/review-author.php
- plugins/hivepress-reviews/templates/review/view/review-image.php
- plugins/hivepress-reviews/vendor/autoload.php
- plugins/hivepress-reviews/vendor/composer/ClassLoader.php
- plugins/hivepress-reviews/vendor/composer/InstalledVersions.php
- plugins/hivepress-reviews/vendor/composer/autoload_real.php
- plugins/hivepress-reviews/vendor/composer/autoload_static.php
- plugins/hivepress-reviews/vendor/composer/installed.php
Hi,
If I understand you correctly, these are files that have been modified? If Wordfence has clarified that it was not due to an update, but simply modified, then please check that your site has not been hacked, for example, through another way.
Hi, if i check HivePress Favorites 1.2.2, the file has indeed been slightly modified - definitely not by a hacker. To me, it looks 100% legit and I guess the warning can be ignored. Remains the question if you have to better manage code updates or not 
Original File
----------------
18 add_filter(
19 'hivepress/v1/extensions',
20 function( $extensions ) {
21 $extensions[] = __DIR__;
22
23 return $extensions;
24 }
25 );
Modified version
-----------------
18 add_filter(
19 'hivepress/v1/extensions',
20 function( $extensions ) {
21 return array_merge( $extensions, [ __DIR__ ] );
22 }
Hi,
I see. Most likely, the Wordfence plugin shows warnings about each update from wordpress.org, we recommend checking the settings, there may be an option to disable these warnings.