I use Wordfence plugin which scans server side plugins with original plugin files to see if anything was modified by hacker/cracker. Today I got a warning and it shows these modifications on /w3-total-cache/lib/W3/Cache/File.php
should I be worried? Last time I read there is a W3 exploit going around.
2 Answers
That security hole in W3 Total Cache was associated with data leaking through an exploit, and not explicitly with hackers changing code (that could happen afterwards, of course, but what you show isn’t this). The exploit has been fixed so just make sure your plugin is up to date. If unsure, disable / delete the plugin, then reinstall afresh from the plugin repository.
That isn’t to say that you haven’t been hacked, of course. Look for other signs, like core files with dates different to neighbouring files, folders that shouldn’t be there, etc. Have a read of the hacked FAQ on wordpress.org for starters.
