Wordfence on "[Plugin: Wordfence Security] File difference warning, but no difference."

Hi,

Looks like the author is checking code into tags. This means that after he marks a release as stable, he then is adding code to it. Normally WP developers add new stuff to 'trunk' and then 'tag' something as 1.8.5 for example and then don't ever touch that tag again. He's adding hotfixes to his tags. These should really go into trunk and then be released as a new release. The effect of adding hotfixes is that existing users of a plugin end up running old code without being prompted to upgrade. You can see this here for example where he checked in code into 1.8.5 after it was released:

https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=846196%40updraftplus&old=834911%40updraftplus&sfp_email=&sfph_mail=

And the newest release has the same issue.

Perhaps you could post a polite note on his forums asking him to avoid doing this which will ensure you are always running the newest code of his plugin and Wordfence doesn't report inconsistencies between what you're running and the repository version.

Regards,

Mark
PS: If you found this helpful, please rate Wordfence 5 stars.
http://wordpress.org/plugins/wordfence/