Wordfence Security – Firewall &amp; Malware Scan

Version Description

June 14, 2022 =
Improvement: Added option to toggle display of last login column on WP Users page
Improvement: Improved autocomplete support for 2FA code on Apple devices
Improvement: Prevented Batcache from caching block pages
Improvement: Updated GeoIP database
Fix: Prevented extraneous scan results when non-existent paths are configured using UPLOADS and related constants
Fix: Corrected issue that prevented reCAPTCHA scores from being recorded
Fix: Prevented invalid JSON setting values from triggering fatal errors
Fix: Made text domains consistent for translation support
Fix: Clarified that allowlisted IP addresses also bypass reCAPTCHA

Release Info

Developer	wfalexk
Plugin	Wordfence Security – Firewall & Malware Scan
Version	7.5.11
Comparing to
See all releases

Code changes from version 7.5.10 to 7.5.11

Files changed (104) hide show

css/{activity-report-widget.1652811581.css → activity-report-widget.1655226500.css} +0 -0
css/{diff.1652811581.css → diff.1655226500.css} +0 -0
css/{dt_table.1652811581.css → dt_table.1655226500.css} +0 -0
css/{fullLog.1652811581.css → fullLog.1655226500.css} +0 -0
css/{iptraf.1652811581.css → iptraf.1655226500.css} +0 -0
css/{jquery-ui-timepicker-addon.1652811581.css → jquery-ui-timepicker-addon.1655226500.css} +0 -0
css/{jquery-ui.min.1652811581.css → jquery-ui.min.1655226500.css} +0 -0
css/{jquery-ui.structure.min.1652811581.css → jquery-ui.structure.min.1655226500.css} +0 -0
css/{jquery-ui.theme.min.1652811581.css → jquery-ui.theme.min.1655226500.css} +0 -0
css/license/{care-global.1652811581.css → care-global.1655226500.css} +0 -0
css/license/{care.1652811581.css → care.1655226500.css} +0 -0
css/license/{free-global.1652811581.css → free-global.1655226500.css} +0 -0
css/license/{free.1652811581.css → free.1655226500.css} +0 -0
css/license/{premium-global.1652811581.css → premium-global.1655226500.css} +0 -0
css/license/{premium.1652811581.css → premium.1655226500.css} +0 -0
css/license/{response-global.1652811581.css → response-global.1655226500.css} +0 -0
css/license/{response-variables.1652811581.css → response-variables.1655226500.css} +0 -0
css/license/{response.1652811581.css → response.1655226500.css} +0 -0
css/{main.1652811581.css → main.1655226500.css} +0 -0
css/{phpinfo.1652811581.css → phpinfo.1655226500.css} +0 -0
css/{wf-adminbar.1652811581.css → wf-adminbar.1655226500.css} +0 -0
css/{wf-colorbox.1652811581.css → wf-colorbox.1655226500.css} +0 -0
css/{wf-font-awesome.1652811581.css → wf-font-awesome.1655226500.css} +0 -0
css/{wf-global.1652811581.css → wf-global.1655226500.css} +0 -0
css/{wf-ionicons.1652811581.css → wf-ionicons.1655226500.css} +0 -0
css/{wf-onboarding.1652811581.css → wf-onboarding.1655226500.css} +0 -0
css/{wf-roboto-font.1652811581.css → wf-roboto-font.1655226500.css} +0 -0
css/{wfselect2.min.1652811581.css → wfselect2.min.1655226500.css} +0 -0
css/{wordfenceBox.1652811581.css → wordfenceBox.1655226500.css} +0 -0
js/{Chart.bundle.min.1652811581.js → Chart.bundle.min.1655226500.js} +0 -0
js/{admin.1652811581.js → admin.1655226500.js} +0 -0
js/{admin.ajaxWatcher.1652811581.js → admin.ajaxWatcher.1655226500.js} +0 -0
js/{admin.liveTraffic.1652811581.js → admin.liveTraffic.1655226500.js} +0 -0
js/{date.1652811581.js → date.1655226500.js} +0 -0
js/{jquery-ui-timepicker-addon.1652811581.js → jquery-ui-timepicker-addon.1655226500.js} +0 -0
js/{jquery.colorbox-min.1652811581.js → jquery.colorbox-min.1655226500.js} +0 -0
js/{jquery.colorbox.1652811581.js → jquery.colorbox.1655226500.js} +0 -0
js/{jquery.dataTables.min.1652811581.js → jquery.dataTables.min.1655226500.js} +0 -0
js/{jquery.qrcode.min.1652811581.js → jquery.qrcode.min.1655226500.js} +0 -0
js/{jquery.tmpl.min.1652811581.js → jquery.tmpl.min.1655226500.js} +0 -0
js/{jquery.tools.min.1652811581.js → jquery.tools.min.1655226500.js} +0 -0
js/{knockout-3.5.1.1652811581.js → knockout-3.5.1.1655226500.js} +0 -0
js/{wfdashboard.1652811581.js → wfdashboard.1655226500.js} +0 -0
js/{wfdropdown.1652811581.js → wfdropdown.1655226500.js} +0 -0
js/{wfglobal.1652811581.js → wfglobal.1655226500.js} +0 -0
js/{wfi18n.1652811581.js → wfi18n.1655226500.js} +0 -0
js/{wfpopover.1652811581.js → wfpopover.1655226500.js} +0 -0
js/{wfselect2.min.1652811581.js → wfselect2.min.1655226500.js} +0 -0
languages/wordfence.po +196 -180
lib/GeoLite2-Country.mmdb +0 -0
lib/wfFileUtils.php +9 -0
lib/wfInvalidPathException.php +16 -0
lib/wfScanEngine.php +30 -14
lib/wfScanFile.php +1 -1
lib/wfScanPath.php +2 -2
lib/wfUtils.php +1 -1
lib/wordfenceHash.php +7 -1
lib/wordfenceScanner.php +17 -14
modules/login-security/classes/controller/ajax.php +14 -14
modules/login-security/classes/controller/settings.php +20 -3
modules/login-security/classes/controller/users.php +2 -2
modules/login-security/classes/controller/wordfencels.php +17 -17
modules/login-security/css/{admin-global.1652811581.css → admin-global.1655226500.css} +0 -0
modules/login-security/css/{admin.1652811581.css → admin.1655226500.css} +0 -0
modules/login-security/css/{colorbox.1652811581.css → colorbox.1655226500.css} +0 -0
modules/login-security/css/{font-awesome.1652811581.css → font-awesome.1655226500.css} +0 -0
modules/login-security/css/{ionicons.1652811581.css → ionicons.1655226500.css} +0 -0
modules/login-security/css/{jquery-ui.min.1652811581.css → jquery-ui.min.1655226500.css} +0 -0
modules/login-security/css/{jquery-ui.structure.min.1652811581.css → jquery-ui.structure.min.1655226500.css} +0 -0
modules/login-security/css/{jquery-ui.theme.min.1652811581.css → jquery-ui.theme.min.1655226500.css} +0 -0
modules/login-security/css/{login.1652811581.css → login.1655226500.css} +0 -0
modules/login-security/js/{admin-global.1652811581.js → admin-global.1655226500.js} +0 -0
modules/login-security/js/{admin.1652811581.js → admin.1655226500.js} +0 -0
modules/login-security/js/{jquery.colorbox.1652811581.js → jquery.colorbox.1655226500.js} +0 -0
modules/login-security/js/{jquery.colorbox.min.1652811581.js → jquery.colorbox.min.1655226500.js} +0 -0
modules/login-security/js/{jquery.qrcode.min.1652811581.js → jquery.qrcode.min.1655226500.js} +0 -0
modules/login-security/js/{jquery.tmpl.min.1652811581.js → jquery.tmpl.min.1655226500.js} +0 -0
modules/login-security/js/{login.1652811581.js → login.1655226500.js} +1 -1
modules/login-security/views/email/login-verification.php +6 -6
modules/login-security/views/manage/activate.php +2 -2
modules/login-security/views/manage/code.php +1 -1
modules/login-security/views/manage/deactivate.php +4 -4
modules/login-security/views/manage/regenerate.php +4 -4
modules/login-security/views/options/option-captcha-threshold.php +2 -2
modules/login-security/views/options/option-captcha.php +5 -5
modules/login-security/views/options/option-roles.php +3 -3
modules/login-security/views/options/option-select.php +1 -1
modules/login-security/views/options/option-text.php +1 -1
modules/login-security/views/options/option-toggled-boolean-switch.php +1 -1
modules/login-security/views/options/option-toggled-segmented.php +1 -1
modules/login-security/views/options/option-toggled-select.php +1 -1
modules/login-security/views/options/option-toggled-sub.php +2 -2
modules/login-security/views/options/option-toggled-textarea.php +1 -1
modules/login-security/views/options/option-token.php +1 -1
modules/login-security/views/page/role.php +3 -3
modules/login-security/views/settings/options.php +13 -1
modules/login-security/views/settings/user-stats.php +1 -1
modules/login-security/views/user/grace-period-toggle.php +1 -1
modules/login-security/wordfence-login-security.php +2 -2
readme.txt +12 -1
vendor/wordfence/wf-waf/src/lib/utils.php +1 -1
views/scanner/issue-file.php +2 -2
views/scanner/issue-knownfile.php +2 -2
wordfence.php +3 -3

css/{activity-report-widget.1652811581.css → activity-report-widget.1655226500.css} RENAMED Viewed

File without changes

css/{diff.1652811581.css → diff.1655226500.css} RENAMED Viewed

File without changes

css/{dt_table.1652811581.css → dt_table.1655226500.css} RENAMED Viewed

File without changes

css/{fullLog.1652811581.css → fullLog.1655226500.css} RENAMED Viewed

File without changes

css/{iptraf.1652811581.css → iptraf.1655226500.css} RENAMED Viewed

File without changes

css/{jquery-ui-timepicker-addon.1652811581.css → jquery-ui-timepicker-addon.1655226500.css} RENAMED Viewed

File without changes

css/{jquery-ui.min.1652811581.css → jquery-ui.min.1655226500.css} RENAMED Viewed

File without changes

css/{jquery-ui.structure.min.1652811581.css → jquery-ui.structure.min.1655226500.css} RENAMED Viewed

File without changes

css/{jquery-ui.theme.min.1652811581.css → jquery-ui.theme.min.1655226500.css} RENAMED Viewed

File without changes

css/license/{care-global.1652811581.css → care-global.1655226500.css} RENAMED Viewed

File without changes

css/license/{care.1652811581.css → care.1655226500.css} RENAMED Viewed

File without changes

css/license/{free-global.1652811581.css → free-global.1655226500.css} RENAMED Viewed

File without changes

css/license/{free.1652811581.css → free.1655226500.css} RENAMED Viewed

File without changes

css/license/{premium-global.1652811581.css → premium-global.1655226500.css} RENAMED Viewed

File without changes

css/license/{premium.1652811581.css → premium.1655226500.css} RENAMED Viewed

File without changes

css/license/{response-global.1652811581.css → response-global.1655226500.css} RENAMED Viewed

File without changes

css/license/{response-variables.1652811581.css → response-variables.1655226500.css} RENAMED Viewed

File without changes

css/license/{response.1652811581.css → response.1655226500.css} RENAMED Viewed

File without changes

css/{main.1652811581.css → main.1655226500.css} RENAMED Viewed

File without changes

css/{phpinfo.1652811581.css → phpinfo.1655226500.css} RENAMED Viewed

File without changes

css/{wf-adminbar.1652811581.css → wf-adminbar.1655226500.css} RENAMED Viewed

File without changes

css/{wf-colorbox.1652811581.css → wf-colorbox.1655226500.css} RENAMED Viewed

File without changes

css/{wf-font-awesome.1652811581.css → wf-font-awesome.1655226500.css} RENAMED Viewed

File without changes

css/{wf-global.1652811581.css → wf-global.1655226500.css} RENAMED Viewed

File without changes

css/{wf-ionicons.1652811581.css → wf-ionicons.1655226500.css} RENAMED Viewed

File without changes

css/{wf-onboarding.1652811581.css → wf-onboarding.1655226500.css} RENAMED Viewed

File without changes

css/{wf-roboto-font.1652811581.css → wf-roboto-font.1655226500.css} RENAMED Viewed

File without changes

css/{wfselect2.min.1652811581.css → wfselect2.min.1655226500.css} RENAMED Viewed

File without changes

css/{wordfenceBox.1652811581.css → wordfenceBox.1655226500.css} RENAMED Viewed

File without changes

js/{Chart.bundle.min.1652811581.js → Chart.bundle.min.1655226500.js} RENAMED Viewed

File without changes

js/{admin.1652811581.js → admin.1655226500.js} RENAMED Viewed

File without changes

js/{admin.ajaxWatcher.1652811581.js → admin.ajaxWatcher.1655226500.js} RENAMED Viewed

File without changes

js/{admin.liveTraffic.1652811581.js → admin.liveTraffic.1655226500.js} RENAMED Viewed

File without changes

js/{date.1652811581.js → date.1655226500.js} RENAMED Viewed

File without changes

js/{jquery-ui-timepicker-addon.1652811581.js → jquery-ui-timepicker-addon.1655226500.js} RENAMED Viewed

File without changes

js/{jquery.colorbox-min.1652811581.js → jquery.colorbox-min.1655226500.js} RENAMED Viewed

File without changes

js/{jquery.colorbox.1652811581.js → jquery.colorbox.1655226500.js} RENAMED Viewed

File without changes

js/{jquery.dataTables.min.1652811581.js → jquery.dataTables.min.1655226500.js} RENAMED Viewed

File without changes

js/{jquery.qrcode.min.1652811581.js → jquery.qrcode.min.1655226500.js} RENAMED Viewed

File without changes

js/{jquery.tmpl.min.1652811581.js → jquery.tmpl.min.1655226500.js} RENAMED Viewed

File without changes

js/{jquery.tools.min.1652811581.js → jquery.tools.min.1655226500.js} RENAMED Viewed

File without changes

js/{knockout-3.5.1.1652811581.js → knockout-3.5.1.1655226500.js} RENAMED Viewed

File without changes

js/{wfdashboard.1652811581.js → wfdashboard.1655226500.js} RENAMED Viewed

File without changes

js/{wfdropdown.1652811581.js → wfdropdown.1655226500.js} RENAMED Viewed

File without changes

js/{wfglobal.1652811581.js → wfglobal.1655226500.js} RENAMED Viewed

File without changes

js/{wfi18n.1652811581.js → wfi18n.1655226500.js} RENAMED Viewed

File without changes

js/{wfpopover.1652811581.js → wfpopover.1655226500.js} RENAMED Viewed

File without changes

js/{wfselect2.min.1652811581.js → wfselect2.min.1655226500.js} RENAMED Viewed

File without changes

languages/wordfence.po CHANGED Viewed

	@@ -2,14 +2,14 @@
2	# This file is distributed under the same license as the Wordfence Security plugin.
3	msgid ""
4	msgstr ""
5	- "Project-Id-Version: Wordfence Security 7.5.10\n"
6	"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/src\n"
7	"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
8	"Language-Team: LANGUAGE <LL@li.org>\n"
9	"MIME-Version: 1.0\n"
10	"Content-Type: text/plain; charset=UTF-8\n"
11	"Content-Transfer-Encoding: 8bit\n"
12	- "POT-Creation-Date: 2022-05-~~17T14~~:17:20-04:00\n"
13	"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
14	"X-Generator: WP-CLI 2.4.0\n"
15	"X-Domain: wordfence\n"
	@@ -240,16 +240,16 @@ msgstr ""
240	#: lib/wfScanEngine.php:699
241	#: lib/wfScanEngine.php:722
242	#: lib/wfScanEngine.php:797
243	- #: lib/wfScanEngine.php:~~1010~~
244	- #: lib/wfScanEngine.php:~~1011~~
245	- #: lib/wfScanEngine.php:~~1152~~
246	- #: lib/wfScanEngine.php:~~1289~~
247	- #: lib/wfScanEngine.php:~~1432~~
248	- #: lib/wfScanEngine.php:~~1796~~
249	- #: lib/wfScanEngine.php:~~2042~~
250	- #: lib/wfScanEngine.php:~~2081~~
251	- #: lib/wfScanEngine.php:~~2269~~
252	- #: lib/wfScanEngine.php:~~2311~~
253	#: lib/wfVersionCheckController.php:68
254	#: lib/wfVersionCheckController.php:91
255	#: lib/wfVersionCheckController.php:167
	@@ -280,10 +280,10 @@ msgstr ""
280	#: lib/wordfenceClass.php:8237
281	#: lib/wordfenceClass.php:8283
282	#: lib/wordfenceClass.php:9005
283	- #: lib/wordfenceHash.php:~~515~~
284	- #: lib/wordfenceHash.php:~~562~~
285	- #: lib/wordfenceHash.php:~~636~~
286	- #: lib/wordfenceHash.php:~~750~~
287	#: views/blocking/block-list.php:35
288	#: views/blocking/blocking-create.php:179
289	#: views/blocking/blocking-status.php:27
	@@ -6654,560 +6654,572 @@ msgstr ""
6654	msgid "Check if your site is being Spamvertized is for paid members only"
6655	msgstr ""
6656
6657	- #: lib/wfScanEngine.php:~~954~~








6658	msgid "Wordfence could not read the content of your WordPress directory. This usually indicates your permissions are so strict that your web server can't read your WordPress directory."
6659	msgstr ""
6660
6661	- #: lib/wfScanEngine.php:~~972~~




6662	msgid "Checking for paths skipped due to scan settings"
6663	msgstr ""
6664
6665	#. translators: Number of paths skipped in scan.
6666	- #: lib/wfScanEngine.php:~~982~~
6667	msgid ", and %d more."
6668	msgstr ""
6669
6670	#. translators: Number of paths skipped in scan.
6671	- #: lib/wfScanEngine.php:~~1006~~
6672	msgid "%d path was skipped for the malware scan due to scan settings"
6673	msgid_plural "%d paths were skipped for the malware scan due to scan settings"
6674	msgstr[0] ""
6675	msgstr[1] ""
6676
6677	#. translators: 1. Number of paths skipped in scan. 2. Support URL. 3. List of skipped paths.
6678	- #: lib/wfScanEngine.php:~~1009~~
6679	msgid "The option \"Scan files outside your WordPress installation\" is off by default, which means %1$d path and its file(s) will not be scanned for malware or unauthorized changes. To continue skipping this path, you may ignore this issue. Or to start scanning it, enable the option and subsequent scans will include it. Some paths may not be necessary to scan, so this is optional. <a href=\"%2$s\" target=\"_blank\" rel=\"noopener noreferrer\">Learn More<span class=\"screen-reader-text\"> ("
6680	msgid_plural "The option \"Scan files outside your WordPress installation\" is off by default, which means %1$d paths and their file(s) will not be scanned for malware or unauthorized changes. To continue skipping these paths, you may ignore this issue. Or to start scanning them, enable the option and subsequent scans will include them. Some paths may not be necessary to scan, so this is optional. <a href=\"%2$s\" target=\"_blank\" rel=\"noopener noreferrer\">Learn More<span class=\"screen-reader-text\"> ("
6681	msgstr[0] ""
6682	msgstr[1] ""
6683
6684	- #: lib/wfScanEngine.php:~~1037~~
6685	msgid "Including files that are outside the WordPress installation in the scan."
6686	msgstr ""
6687
6688	- #: lib/wfScanEngine.php:~~1040~~
6689	msgid "Getting plugin list from WordPress"
6690	msgstr ""
6691
6692	#. translators: Number of plugins.
6693	- #: lib/wfScanEngine.php:~~1042~~
6694	msgid "Found %d plugin"
6695	msgid_plural "Found %d plugins"
6696	msgstr[0] ""
6697	msgstr[1] ""
6698
6699	- #: lib/wfScanEngine.php:~~1044~~
6700	msgid "Getting theme list from WordPress"
6701	msgstr ""
6702
6703	#. translators: Number of themes.
6704	- #: lib/wfScanEngine.php:~~1046~~
6705	msgid "Found %d theme"
6706	msgid_plural "Found %d themes"
6707	msgstr[0] ""
6708	msgstr[1] ""
6709
6710	- #: lib/wfScanEngine.php:~~1063~~
6711	msgid "Scanning file contents for infections and vulnerabilities"
6712	msgstr ""
6713
6714	- #: lib/wfScanEngine.php:~~1066~~
6715	msgid "Skipping scan of file contents for infections and vulnerabilities"
6716	msgstr ""
6717
6718	- #: lib/wfScanEngine.php:~~1070~~
6719	msgid "Scanning file contents for URLs on a domain blocklist"
6720	msgstr ""
6721
6722	- #: lib/wfScanEngine.php:~~1073~~
6723	msgid "Skipping scan of file contents for URLs on a domain blocklist"
6724	msgstr ""
6725
6726	- #: lib/wfScanEngine.php:~~1078~~
6727	msgid "Starting scan of file contents"
6728	msgstr ""
6729
6730	- #: lib/wfScanEngine.php:~~1094~~
6731	msgid "Done file contents scan"
6732	msgstr ""
6733
6734	#. translators: Scan result description.
6735	- #: lib/wfScanEngine.php:~~1102~~
6736	- #: lib/wfScanEngine.php:~~2271~~
6737	- #: lib/wfScanEngine.php:~~2313~~
6738	msgid "Adding issue: %s"
6739	msgstr ""
6740
6741	- #: lib/wfScanEngine.php:~~1135~~
6742	msgid "Scanning for publicly accessible quarantined files"
6743	msgstr ""
6744
6745	#. translators: File path.
6746	- #: lib/wfScanEngine.php:~~1140~~
6747	msgid "Testing accessibility of: %s"
6748	msgstr ""
6749
6750	#. translators: File path.
6751	- #: lib/wfScanEngine.php:~~1149~~
6752	msgid "Publicly accessible quarantined file found: %s"
6753	msgstr ""
6754
6755	#. translators: URL to publicly accessible file.
6756	- #: lib/wfScanEngine.php:~~1152~~
6757	msgid "<a href=\"%1$s\" target=\"_blank\" rel=\"noopener noreferrer\">%1$s<span class=\"screen-reader-text\"> ("
6758	msgstr ""
6759
6760	- #: lib/wfScanEngine.php:~~1176~~
6761	msgid "Scanning posts for URLs on a domain blocklist"
6762	msgstr ""
6763
6764	#. translators: Number of posts left to scan.
6765	- #: lib/wfScanEngine.php:~~1199~~
6766	msgid "Scanning posts with %d left to scan."
6767	msgstr ""
6768
6769	- #: lib/wfScanEngine.php:~~1221~~
6770	msgid "Post title contains suspicious code"
6771	msgstr ""
6772
6773	- #: lib/wfScanEngine.php:~~1222~~
6774	msgid "This post contains code that is suspicious. Please check the title of the post and confirm that the code in the title is not malicious."
6775	msgstr ""
6776
6777	- #: lib/wfScanEngine.php:~~1245~~
6778	msgid "Examining URLs found in posts we scanned for dangerous websites"
6779	msgstr ""
6780
6781	- #: lib/wfScanEngine.php:~~1247~~
6782	- #: lib/wfScanEngine.php:~~2234~~
6783	msgid "Done examining URLs"
6784	msgstr ""
6785
6786	#. translators: 1. WordPress Post type. 2. URL.
6787	- #: lib/wfScanEngine.php:~~1283~~
6788	- #: lib/wfScanEngine.php:~~1303~~
6789	msgid "%1$s contains a suspected malware URL: %2$s"
6790	msgstr ""
6791
6792	#. translators: 1. WordPress Post type. 2. URL. 3. URL.
6793	#. translators: 1. WordPress post type. 2. URL. 3. URL.
6794	- #: lib/wfScanEngine.php:~~1289~~
6795	- #: lib/wfScanEngine.php:~~1432~~
6796	msgid "This %1$s contains a suspected malware URL listed on Google's list of malware sites. The URL is: %2$s - More info available at <a href=\"http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=%3$s&client=googlechrome&hl=en-US\" target=\"_blank\" rel=\"noopener noreferrer\">Google Safe Browsing diagnostic page<span class=\"screen-reader-text\"> ("
6797	msgstr ""
6798
6799	#. translators: 1. WordPress Post type. 2. URL.
6800	- #: lib/wfScanEngine.php:~~1295~~
6801	msgid "%1$s contains a suspected phishing site URL: %2$s"
6802	msgstr ""
6803
6804	#. translators: 1. WordPress Post type. 2. URL.
6805	#. translators: 1. WordPress post type. 2. URL.
6806	- #: lib/wfScanEngine.php:~~1298~~
6807	- #: lib/wfScanEngine.php:~~1441~~
6808	msgid "This %1$s contains a URL that is a suspected phishing site that is currently listed on Google's list of known phishing sites. The URL is: %2$s"
6809	msgstr ""
6810
6811	#. translators: 1. WordPress Post type. 2. URL.
6812	#. translators: 1. WordPress post type. 2. URL.
6813	- #: lib/wfScanEngine.php:~~1306~~
6814	- #: lib/wfScanEngine.php:~~1449~~
6815	msgid "This %1$s contains a URL that is currently listed on Wordfence's domain blocklist. The URL is: %2$s"
6816	msgstr ""
6817
6818	#. translators: Scan result description.
6819	- #: lib/wfScanEngine.php:~~1315~~
6820	msgid "Adding issue: %1$s"
6821	msgstr ""
6822
6823	- #: lib/wfScanEngine.php:~~1351~~
6824	msgid "Scanning comments for URLs on a domain blocklist"
6825	msgstr ""
6826
6827	#. translators: Number of comments left to scan.
6828	- #: lib/wfScanEngine.php:~~1375~~
6829	msgid "Scanning comments with %d left to scan."
6830	msgstr ""
6831
6832	#. translators: 1. WordPress post type. 2. WordPress author username.
6833	- #: lib/wfScanEngine.php:~~1429~~
6834	msgid "%1$s with author %2$s contains a suspected malware URL."
6835	msgstr ""
6836
6837	#. translators: WordPress post type.
6838	- #: lib/wfScanEngine.php:~~1438~~
6839	msgid "%s contains a suspected phishing site URL."
6840	msgstr ""
6841
6842	#. translators: URL.
6843	- #: lib/wfScanEngine.php:~~1446~~
6844	msgid "%s contains a suspected malware URL."
6845	msgstr ""
6846
6847	#. translators: WordPress username.
6848	- #: lib/wfScanEngine.php:~~1494~~
6849	msgid "Author: %s"
6850	msgstr ""
6851
6852	#. translators: Email address.
6853	- #: lib/wfScanEngine.php:~~1497~~
6854	msgid "Email: %s"
6855	msgstr ""
6856
6857	#. translators: IP address.
6858	- #: lib/wfScanEngine.php:~~1499~~
6859	msgid "Source IP: %s"
6860	msgstr ""
6861
6862	#. translators: Comment description.
6863	- #: lib/wfScanEngine.php:~~1500~~
6864	msgid "Scanning comment with %s"
6865	msgstr ""
6866
6867	#. translators: Comment description.
6868	- #: lib/wfScanEngine.php:~~1513~~
6869	- #: lib/wfScanEngine.php:~~1519~~
6870	msgid "Marking comment as spam for containing a malware URL. Comment has %s"
6871	msgstr ""
6872
6873	#. translators: Comment description.
6874	- #: lib/wfScanEngine.php:~~1516~~
6875	msgid "Marking comment as spam for containing a phishing URL. Comment has %s"
6876	msgstr ""
6877
6878	#. translators: Comment description.
6879	- #: lib/wfScanEngine.php:~~1526~~
6880	msgid "Scanned comment with %s"
6881	msgstr ""
6882
6883	- #: lib/wfScanEngine.php:~~1577~~
6884	msgid "Scanning for weak passwords"
6885	msgstr ""
6886
6887	- #: lib/wfScanEngine.php:~~1588~~
6888	msgid "We were unable to generate the user list for your password check."
6889	msgstr ""
6890
6891	#. translators: Number of users.
6892	- #: lib/wfScanEngine.php:~~1604~~
6893	msgid "Starting password strength check on %d user."
6894	msgid_plural "Starting password strength check on %d users."
6895	msgstr[0] ""
6896	msgstr[1] ""
6897
6898	#. translators: Number of users.
6899	- #: lib/wfScanEngine.php:~~1613~~
6900	msgid "Total of %d users left to process in password strength check."
6901	msgid_plural "Total of %d users left to process in password strength check."
6902	msgstr[0] ""
6903	msgstr[1] ""
6904
6905	#. translators: WordPress user ID.
6906	- #: lib/wfScanEngine.php:~~1648~~
6907	msgid "Could not get username for user with ID %d when checking password strength."
6908	msgstr ""
6909
6910	#. translators: 1. WordPress username. 2. WordPress user ID.
6911	- #: lib/wfScanEngine.php:~~1654~~
6912	msgid "Checking password strength of user '%1$s' with ID %2$d"
6913	msgstr ""
6914
6915	#. translators: 1. WordPress username. 2. WordPress capability.
6916	- #: lib/wfScanEngine.php:~~1662~~
6917	msgid "User \"%1$s\" with \"%2$s\" access has an easy password."
6918	msgstr ""
6919
6920	#. translators: WordPress capability.
6921	- #: lib/wfScanEngine.php:~~1668~~
6922	msgid "A user with the a role of '%s' has a password that is easy to guess. Please change this password yourself or ask the user to change it."
6923	msgstr ""
6924
6925	#. translators: WordPress username.
6926	- #: lib/wfScanEngine.php:~~1676~~
6927	msgid "User \"%s\" with 'subscriber' access has a very easy password."
6928	msgstr ""
6929
6930	- #: lib/wfScanEngine.php:~~1677~~
6931	msgid "A user with 'subscriber' access has a password that is very easy to guess. Please either change it or ask the user to change their password."
6932	msgstr ""
6933
6934	#. translators: Scan result description.
6935	- #: lib/wfScanEngine.php:~~1684~~
6936	msgid "Adding issue %s"
6937	msgstr ""
6938
6939	#. translators: WordPress username.
6940	- #: lib/wfScanEngine.php:~~1701~~
6941	msgid "Completed checking password strength of user '%s'"
6942	msgstr ""
6943
6944	- #: lib/wfScanEngine.php:~~1734~~
6945	msgid "Scanning to check available disk space"
6946	msgstr ""
6947
6948	- #: lib/wfScanEngine.php:~~1741~~
6949	msgid "Unable to access available disk space information"
6950	msgstr ""
6951
6952	#. translators: 1. Number of bytes. 2. Number of bytes.
6953	- #: lib/wfScanEngine.php:~~1750~~
6954	msgid "Total disk space: %1$s -- Free disk space: %2$s"
6955	msgstr ""
6956
6957	#. translators: Number of bytes.
6958	- #: lib/wfScanEngine.php:~~1755~~
6959	msgid "The disk has %s MB available"
6960	msgstr ""
6961
6962	#. translators: Number of bytes.
6963	- #: lib/wfScanEngine.php:~~1770~~
6964	msgid "You have %s disk space remaining"
6965	msgstr ""
6966
6967	#. translators: Number of bytes.
6968	- #: lib/wfScanEngine.php:~~1771~~
6969	msgid "You only have %s of your disk space remaining. Please free up disk space or your website may stop serving requests."
6970	msgstr ""
6971
6972	- #: lib/wfScanEngine.php:~~1784~~
6973	msgid "Checking Web Application Firewall status"
6974	msgstr ""
6975
6976	- #: lib/wfScanEngine.php:~~1795~~
6977	msgid "Web Application Firewall is disabled"
6978	msgstr ""
6979
6980	#. translators: Support URL.
6981	- #: lib/wfScanEngine.php:~~1796~~
6982	msgid "Wordfence's Web Application Firewall has been unexpectedly disabled. If you see a notice at the top of the Wordfence admin pages that says \"The Wordfence Web Application Firewall cannot run,\" click the link in that message to rebuild the configuration. If this does not work, you may need to fix file permissions. <a href=\"%s\" target=\"_blank\" rel=\"noopener noreferrer\">More Details<span class=\"screen-reader-text\"> ("
6983	msgstr ""
6984
6985	- #: lib/wfScanEngine.php:~~1811~~
6986	msgid "Scanning for old themes, plugins and core files"
6987	msgstr ""
6988
6989	- #: lib/wfScanEngine.php:~~1897~~
6990	msgid "Your WordPress version is out of date"
6991	msgstr ""
6992
6993	#. translators: Software version.
6994	- #: lib/wfScanEngine.php:~~1898~~
6995	msgid "WordPress version %s is now available. Please upgrade immediately to get the latest security updates from WordPress."
6996	msgstr ""
6997
6998	#. translators: 1. Plugin name. 2. Software version. 3. Software version.
6999	- #: lib/wfScanEngine.php:~~1925~~
7000	msgid "The Plugin \"%1$s\" needs an upgrade (%2$s -> %3$s)."
7001	msgstr ""
7002
7003	#. translators: Theme name.
7004	- #: lib/wfScanEngine.php:~~1932~~
7005	- #: lib/wfScanEngine.php:~~1966~~
7006	msgid "You need to upgrade \"%s\" to the newest version to ensure you have any security fixes the developer has released."
7007	msgstr ""
7008
7009	#. translators: 1. Theme name. 2. Software version. 3. Software version.
7010	- #: lib/wfScanEngine.php:~~1959~~
7011	msgid "The Theme \"%1$s\" needs an upgrade (%2$s -> %3$s)."
7012	msgstr ""
7013
7014	#. translators: 1. Plugin name. 2. Software version. 3. Software version.
7015	- #: lib/wfScanEngine.php:~~2010~~
7016	msgid "The Plugin \"%1$s\" appears to be abandoned (updated %2$s, tested to WP %3$s)."
7017	msgstr ""
7018
7019	#. translators: 1. Plugin name. 2. Software version.
7020	- #: lib/wfScanEngine.php:~~2017~~
7021	msgid "It was last updated %1$s ago and tested up to WordPress %2$s."
7022	msgstr ""
7023
7024	#. translators: 1. Plugin name. 2. Software version.
7025	- #: lib/wfScanEngine.php:~~2024~~
7026	msgid "The Plugin \"%1$s\" appears to be abandoned (updated %2$s)."
7027	msgstr ""
7028
7029	#. translators: Time duration.
7030	- #: lib/wfScanEngine.php:~~2030~~
7031	msgid "It was last updated %s ago."
7032	msgstr ""
7033
7034	- #: lib/wfScanEngine.php:~~2036~~
7035	- #: lib/wfScanEngine.php:~~2075~~
7036	msgid "It has unpatched security issues and may have compatibility problems with the current version of WordPress."
7037	msgstr ""
7038
7039	- #: lib/wfScanEngine.php:~~2038~~
7040	- #: lib/wfScanEngine.php:~~2077~~
7041	msgid "Plugins can be removed from wordpress.org for various reasons. This can include benign issues like a plugin author discontinuing development or moving the plugin distribution to their own site, but some might also be due to security issues. In any case, future updates may or may not be available, so it is worth investigating the cause and deciding whether to temporarily or permanently replace or remove the plugin."
7042	msgstr ""
7043
7044	#. translators: Support URL.
7045	- #: lib/wfScanEngine.php:~~2042~~
7046	- #: lib/wfScanEngine.php:~~2081~~
7047	- #: lib/wfScanEngine.php:~~2269~~
7048	- #: lib/wfScanEngine.php:~~2311~~
7049	msgid "<a href=\"%s\" target=\"_blank\" rel=\"noopener noreferrer\">Get more information.<span class=\"screen-reader-text\"> ("
7050	msgstr ""
7051
7052	#. translators: Plugin name.
7053	- #: lib/wfScanEngine.php:~~2073~~
7054	msgid "The Plugin \"%s\" has been removed from wordpress.org."
7055	msgstr ""
7056
7057	- #: lib/wfScanEngine.php:~~2126~~
7058	msgid "Scanning for admin users not created through WordPress"
7059	msgstr ""
7060
7061	#. translators: WordPress username.
7062	- #: lib/wfScanEngine.php:~~2148~~
7063	msgid "An admin user with the username %s was created outside of WordPress."
7064	msgstr ""
7065
7066	#. translators: WordPress username.
7067	- #: lib/wfScanEngine.php:~~2149~~
7068	msgid "An admin user with the username %s was created outside of WordPress. It's possible a plugin could have created the account, but if you do not recognize the user, we suggest you remove it."
7069	msgstr ""
7070
7071	#. translators: WordPress username.
7072	- #: lib/wfScanEngine.php:~~2175~~
7073	msgid "An admin user with a suspicious username %s was found."
7074	msgstr ""
7075
7076	#. translators: WordPress username.
7077	- #: lib/wfScanEngine.php:~~2176~~
7078	msgid "An admin user with a suspicious username %s was found. Administrators accounts with usernames similar to this are commonly seen created by hackers. It's possible a plugin could have created the account, but if you do not recognize the user, we suggest you remove it."
7079	msgstr ""
7080
7081	- #: lib/wfScanEngine.php:~~2197~~
7082	msgid "Scanning for suspicious site options"
7083	msgstr ""
7084
7085	- #: lib/wfScanEngine.php:~~2232~~
7086	msgid "Examining URLs found in the options we scanned for dangerous websites"
7087	msgstr ""
7088
7089	#. translators: URL.
7090	- #: lib/wfScanEngine.php:~~2256~~
7091	- #: lib/wfScanEngine.php:~~2262~~
7092	msgid "Option contains a suspected malware URL: %s"
7093	msgstr ""
7094
7095	#. translators: URL.
7096	- #: lib/wfScanEngine.php:~~2257~~
7097	msgid "This option contains a suspected malware URL listed on Google's list of malware sites. It may indicate your site is infected with malware. The URL is: %s"
7098	msgstr ""
7099
7100	#. translators: URL.
7101	- #: lib/wfScanEngine.php:~~2259~~
7102	msgid "Option contains a suspected phishing site URL: %s"
7103	msgstr ""
7104
7105	#. translators: URL.
7106	- #: lib/wfScanEngine.php:~~2260~~
7107	msgid "This option contains a URL that is a suspected phishing site that is currently listed on Google's list of known phishing sites. It may indicate your site is infected with malware. The URL is: %s"
7108	msgstr ""
7109
7110	#. translators: URL.
7111	- #: lib/wfScanEngine.php:~~2263~~
7112	msgid "This option contains a URL that is currently listed on Wordfence's domain blocklist. It may indicate your site is infected with malware. The URL is: %s"
7113	msgstr ""
7114
7115	- #: lib/wfScanEngine.php:~~2303~~
7116	msgid "Checking for future GeoIP support"
7117	msgstr ""
7118
7119	- #: lib/wfScanEngine.php:~~2308~~
7120	msgid "PHP Update Needed for Country Blocking"
7121	msgstr ""
7122
7123	#. translators: Software version.
7124	- #: lib/wfScanEngine.php:~~2309~~
7125	msgid "The GeoIP database that is required for country blocking has been updated to a new format. This new format requires sites to run PHP 5.4 or newer, and this site is on PHP %s. To ensure country blocking continues functioning, please update PHP."
7126	msgstr ""
7127
7128	- #: lib/wfScanEngine.php:~~2358~~
7129	msgid "Previous scan was stopped successfully."
7130	msgstr ""
7131
7132	- #: lib/wfScanEngine.php:~~2359~~
7133	msgid "Scan was stopped on administrator request."
7134	msgstr ""
7135
7136	- #: lib/wfScanEngine.php:~~2375~~
7137	msgid "Entering start scan routine"
7138	msgstr ""
7139
7140	- #: lib/wfScanEngine.php:~~2378~~
7141	msgid "A scan is already running. Use the stop scan button if you would like to terminate the current scan."
7142	msgstr ""
7143
7144	#. translators: Support URL.
7145	- #: lib/wfScanEngine.php:~~2396~~
7146	msgid "Test result of scan start URL fetch: %s"
7147	msgstr ""
7148
7149	#. translators: WordPress admin panel URL.
7150	- #: lib/wfScanEngine.php:~~2405~~
7151	msgid "Starting cron with normal ajax at URL %s"
7152	msgstr ""
7153
7154	#. translators: Error message.
7155	#. translators: WordPress admin panel URL.
7156	- #: lib/wfScanEngine.php:~~2427~~
7157	- #: lib/wfScanEngine.php:~~2462~~
7158	msgid "There was an error starting the scan: %s."
7159	msgstr ""
7160
7161	- #: lib/wfScanEngine.php:~~2429~~
7162	- #: lib/wfScanEngine.php:~~2464~~
7163	msgid "There was an unknown error starting the scan."
7164	msgstr ""
7165
7166	- #: lib/wfScanEngine.php:~~2436~~
7167	- #: lib/wfScanEngine.php:~~2470~~
7168	msgid "Scan process ended after forking."
7169	msgstr ""
7170
7171	#. translators: WordPress admin panel URL.
7172	- #: lib/wfScanEngine.php:~~2440~~
7173	msgid "Starting cron via proxy at URL %s"
7174	msgstr ""
7175
7176	#. translators: Time in seconds.
7177	- #: lib/wfScanEngine.php:~~2516~~
7178	msgid "Got value from wf config maxExecutionTime: %s"
7179	msgstr ""
7180
7181	#. translators: Time in seconds.
7182	- #: lib/wfScanEngine.php:~~2520~~
7183	msgid "getMaxExecutionTime() returning config value: %s"
7184	msgstr ""
7185
7186	#. translators: PHP ini value.
7187	- #: lib/wfScanEngine.php:~~2527~~
7188	msgid "Got max_execution_time value from ini: %s"
7189	msgstr ""
7190
7191	#. translators: 1. PHP ini setting. 2. Time in seconds.
7192	- #: lib/wfScanEngine.php:~~2534~~
7193	msgid "ini value of %1$d is higher than value for WORDFENCE_SCAN_MAX_INI_EXECUTION_TIME (%2$d), reducing"
7194	msgstr ""
7195
7196	#. translators: PHP ini setting.
7197	- #: lib/wfScanEngine.php:~~2544~~
7198	msgid "getMaxExecutionTime() returning half ini value: %d"
7199	msgstr ""
7200
7201	- #: lib/wfScanEngine.php:~~2550~~
7202	msgid "getMaxExecutionTime() returning default of: 15"
7203	msgstr ""
7204
7205	#. translators: 1. HTTP status code.
7206	- #: lib/wfScanEngine.php:~~2752~~
7207	msgid "Got error response from Wordfence servers: %s"
7208	msgstr ""
7209
7210	- #: lib/wfScanEngine.php:~~2756~~
7211	msgid "Invalid response from Wordfence servers."
7212	msgstr ""
7213
	@@ -9562,126 +9574,130 @@ msgstr ""
9562	msgid "This file's signature matches a known malware file. The title of the malware is '%s'. Immediately inspect this file using the 'View' option below and consider deleting it from your server."
9563	msgstr ""
9564




9565	#. translators: File path.
9566	- #: lib/wordfenceHash.php:~~285~~
9567	- #: lib/wordfenceHash.php:~~314~~
9568	msgid "Found .suspected file: %s"
9569	msgstr ""
9570
9571	#. translators: File path.
9572	- #: lib/wordfenceHash.php:~~294~~
9573	- #: lib/wordfenceHash.php:~~323~~
9574	msgid "Skipping unneeded hash: %s"
9575	msgstr ""
9576
9577	#. translators: Number of files.
9578	- #: lib/wordfenceHash.php:~~350~~
9579	msgid "%d files indexed"
9580	msgstr ""
9581
9582	#. translators: File path.
9583	- #: lib/wordfenceHash.php:~~387~~
9584	msgid "Forking during indexing: %s"
9585	msgstr ""
9586
9587	#. translators: PHP max execution time.
9588	- #: lib/wordfenceHash.php:~~390~~
9589	msgid "Calling fork() from wordfenceHash with maxExecTime: %s"
9590	msgstr ""
9591
9592	#. translators: File path.
9593	- #: lib/wordfenceHash.php:~~427~~
9594	msgid "Skipping file larger than max size: %s"
9595	msgstr ""
9596
9597	#. translators: 1. File path. 2. Memory in bytes.
9598	- #: lib/wordfenceHash.php:~~432~~
9599	msgid "Scanning: %1$s (Mem:%2$s)"
9600	msgstr ""
9601
9602	#. translators: File path.
9603	- #: lib/wordfenceHash.php:~~435~~
9604	msgid "Scanning: %s"
9605	msgstr ""
9606
9607	#. translators: File path.
9608	- #: lib/wordfenceHash.php:~~475~~
9609	msgid "WordPress core file modified: %s"
9610	msgstr ""
9611
9612	#. translators: File path.
9613	- #: lib/wordfenceHash.php:~~476~~
9614	msgid "This WordPress core file has been modified and differs from the original file distributed with this version of WordPress."
9615	msgstr ""
9616
9617	#. translators: File path.
9618	- #: lib/wordfenceHash.php:~~512~~
9619	msgid "Modified plugin file: %s"
9620	msgstr ""
9621
9622	#. translators: 1. Plugin name. 2. Plugin version. 3. Support URL.
9623	- #: lib/wordfenceHash.php:~~515~~
9624	msgid "This file belongs to plugin \"%1$s\" version \"%2$s\" and has been modified from the file that is distributed by WordPress.org for this version. Please use the link to see how the file has changed. If you have modified this file yourself, you can safely ignore this warning. If you see a lot of changed files in a plugin that have been made by the author, then try uninstalling and reinstalling the plugin to force an upgrade. Doing this is a workaround for plugin authors who don't manage their code correctly. <a href=\"%3$s\" target=\"_blank\" rel=\"noopener noreferrer\">Learn More<span class=\"screen-reader-text\"> ("
9625	msgstr ""
9626
9627	#. translators: File path.
9628	- #: lib/wordfenceHash.php:~~559~~
9629	msgid "Modified theme file: %s"
9630	msgstr ""
9631
9632	#. translators: 1. Plugin name. 2. Plugin version. 3. Support URL.
9633	- #: lib/wordfenceHash.php:~~562~~
9634	msgid "This file belongs to theme \"%1$s\" version \"%2$s\" and has been modified from the original distribution. It is common for site owners to modify their theme files, so if you have modified this file yourself you can safely ignore this warning. <a href=\"%3$s\" target=\"_blank\" rel=\"noopener noreferrer\">Learn More<span class=\"screen-reader-text\"> ("
9635	msgstr ""
9636
9637	#. translators: File path.
9638	- #: lib/wordfenceHash.php:~~596~~
9639	msgid "Old WordPress core file not removed during update: %s"
9640	msgstr ""
9641
9642	#. translators: File path.
9643	- #: lib/wordfenceHash.php:~~597~~
9644	msgid "This file is in a WordPress core location but is from an older version of WordPress and not used with your current version. Hosting or permissions issues can cause these files to get left behind when WordPress is updated and they should be removed if possible."
9645	msgstr ""
9646
9647	#. translators: File path.
9648	- #: lib/wordfenceHash.php:~~614~~
9649	- #: lib/wordfenceHash.php:~~635~~
9650	msgid "Unknown file in WordPress core: %s"
9651	msgstr ""
9652
9653	#. translators: File path.
9654	- #: lib/wordfenceHash.php:~~615~~
9655	msgid "This file is in a WordPress core location but is not distributed with this version of WordPress. This scan often includes files left over from a previous WordPress version, but it may also find files added by another plugin, files added by your host, or malicious files added by an attacker."
9656	msgstr ""
9657
9658	#. translators: Support URL.
9659	- #: lib/wordfenceHash.php:~~636~~
9660	msgid "This file is in a WordPress core location but is not distributed with this version of WordPress. This scan often includes files left over from a previous WordPress version, but it may also find files added by another plugin, files added by your host, or malicious files added by an attacker. <a href=\"%s\" target=\"_blank\" rel=\"noopener noreferrer\">Learn More<span class=\"screen-reader-text\"> ("
9661	msgstr ""
9662
9663	#. translators: 1. Number of files. 2. Data in bytes.
9664	- #: lib/wordfenceHash.php:~~665~~
9665	msgid "Analyzed %1$d files containing %2$s of data so far"
9666	msgstr ""
9667
9668	#. translators: Number of scan results.
9669	- #: lib/wordfenceHash.php:~~749~~
9670	msgid "(+ %d more)"
9671	msgstr ""
9672
9673	#. translators: Number of files.
9674	- #: lib/wordfenceHash.php:~~750~~
9675	msgid "%d more similar files were found."
9676	msgstr ""
9677
9678	#. translators: Number of files.
9679	- #: lib/wordfenceHash.php:~~750~~
9680	msgid "1 more similar file was found."
9681	msgstr ""
9682
9683	#. translators: Number of files.
9684	- #: lib/wordfenceHash.php:~~750~~
9685	msgid "<a href=\"%s\" target=\"_blank\" rel=\"noopener noreferrer\">Learn More<span class=\"screen-reader-text\"> ("
9686	msgstr ""
9687
	@@ -9787,7 +9803,7 @@ msgid "Asking Wordfence to check URLs against malware list."
9787	msgstr ""
9788
9789	#: lib/wordfenceScanner.php:526
9790	- #: lib/wordfenceScanner.php:~~568~~
9791	msgid "File contains suspected malware URL: "
9792	msgstr ""
9793
	@@ -9796,24 +9812,24 @@ msgstr ""
9796	msgid "This file contains a suspected malware URL listed on Google's list of malware sites. Wordfence decodes %1$s when scanning files so the URL may not be visible if you view this file. The URL is: %2$s - More info available at <a href=\"http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=%3$s&client=googlechrome&hl=en-US\" target=\"_blank\" rel=\"noopener noreferrer\">Google Safe Browsing diagnostic page<span class=\"screen-reader-text\"> (opens in new tab)</span></a>."
9797	msgstr ""
9798
9799	- #: lib/wordfenceScanner.php:~~550~~
9800	msgid "File contains suspected phishing URL: "
9801	msgstr ""
9802
9803	- #: lib/wordfenceScanner.php:~~551~~
9804	msgid "This file contains a URL that is a suspected phishing site that is currently listed on Google's list of known phishing sites. The URL is: "
9805	msgstr ""
9806
9807	- #: lib/wordfenceScanner.php:~~569~~
9808	msgid "This file contains a URL that is currently listed on Wordfence's domain blocklist. The URL is: "
9809	msgstr ""
9810
9811	- #: lib/wordfenceScanner.php:~~585~~
9812	msgid "Finalizing malware scan results"
9813	msgstr ""
9814
9815	#. translators: 1. Number of fils. 2. Seconds in millisecond precision.
9816	- #: lib/wordfenceScanner.php:~~607~~
9817	msgid "Scanned contents of %1$d additional files at %2$.2f per second"
9818	msgstr ""
9819


2	# This file is distributed under the same license as the Wordfence Security plugin.
3	msgid ""
4	msgstr ""
5	+ "Project-Id-Version: Wordfence Security 7.5.11\n"
6	"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/src\n"
7	"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
8	"Language-Team: LANGUAGE <LL@li.org>\n"
9	"MIME-Version: 1.0\n"
10	"Content-Type: text/plain; charset=UTF-8\n"
11	"Content-Transfer-Encoding: 8bit\n"
12	+ "POT-Creation-Date: 2022-06-14T13:03:48-04:00\n"
13	"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
14	"X-Generator: WP-CLI 2.4.0\n"
15	"X-Domain: wordfence\n"

240	#: lib/wfScanEngine.php:699
241	#: lib/wfScanEngine.php:722
242	#: lib/wfScanEngine.php:797
243	+ #: lib/wfScanEngine.php:1026
244	+ #: lib/wfScanEngine.php:1027
245	+ #: lib/wfScanEngine.php:1168
246	+ #: lib/wfScanEngine.php:1305
247	+ #: lib/wfScanEngine.php:1448
248	+ #: lib/wfScanEngine.php:1812
249	+ #: lib/wfScanEngine.php:2058
250	+ #: lib/wfScanEngine.php:2097
251	+ #: lib/wfScanEngine.php:2285
252	+ #: lib/wfScanEngine.php:2327
253	#: lib/wfVersionCheckController.php:68
254	#: lib/wfVersionCheckController.php:91
255	#: lib/wfVersionCheckController.php:167

280	#: lib/wordfenceClass.php:8237
281	#: lib/wordfenceClass.php:8283
282	#: lib/wordfenceClass.php:9005
283	+ #: lib/wordfenceHash.php:521
284	+ #: lib/wordfenceHash.php:568
285	+ #: lib/wordfenceHash.php:642
286	+ #: lib/wordfenceHash.php:756
287	#: views/blocking/block-list.php:35
288	#: views/blocking/blocking-create.php:179
289	#: views/blocking/blocking-status.php:27

6654	msgid "Check if your site is being Spamvertized is for paid members only"
6655	msgstr ""
6656
6657	+ #: lib/wfScanEngine.php:937
6658	+ msgid "Ignoring invalid scan path: %s"
6659	+ msgstr ""
6660	+
6661	+ #: lib/wfScanEngine.php:960
6662	+ msgid "Ignoring invalid expected scan file: %s"
6663	+ msgstr ""
6664	+
6665	+ #: lib/wfScanEngine.php:965
6666	msgid "Wordfence could not read the content of your WordPress directory. This usually indicates your permissions are so strict that your web server can't read your WordPress directory."
6667	msgstr ""
6668
6669	+ #: lib/wfScanEngine.php:974
6670	+ msgid "Ignoring invalid base scan file: %s"
6671	+ msgstr ""
6672	+
6673	+ #: lib/wfScanEngine.php:988
6674	msgid "Checking for paths skipped due to scan settings"
6675	msgstr ""
6676
6677	#. translators: Number of paths skipped in scan.
6678	+ #: lib/wfScanEngine.php:998
6679	msgid ", and %d more."
6680	msgstr ""
6681
6682	#. translators: Number of paths skipped in scan.
6683	+ #: lib/wfScanEngine.php:1022
6684	msgid "%d path was skipped for the malware scan due to scan settings"
6685	msgid_plural "%d paths were skipped for the malware scan due to scan settings"
6686	msgstr[0] ""
6687	msgstr[1] ""
6688
6689	#. translators: 1. Number of paths skipped in scan. 2. Support URL. 3. List of skipped paths.
6690	+ #: lib/wfScanEngine.php:1025
6691	msgid "The option \"Scan files outside your WordPress installation\" is off by default, which means %1$d path and its file(s) will not be scanned for malware or unauthorized changes. To continue skipping this path, you may ignore this issue. Or to start scanning it, enable the option and subsequent scans will include it. Some paths may not be necessary to scan, so this is optional. <a href=\"%2$s\" target=\"_blank\" rel=\"noopener noreferrer\">Learn More<span class=\"screen-reader-text\"> ("
6692	msgid_plural "The option \"Scan files outside your WordPress installation\" is off by default, which means %1$d paths and their file(s) will not be scanned for malware or unauthorized changes. To continue skipping these paths, you may ignore this issue. Or to start scanning them, enable the option and subsequent scans will include them. Some paths may not be necessary to scan, so this is optional. <a href=\"%2$s\" target=\"_blank\" rel=\"noopener noreferrer\">Learn More<span class=\"screen-reader-text\"> ("
6693	msgstr[0] ""
6694	msgstr[1] ""
6695
6696	+ #: lib/wfScanEngine.php:1053
6697	msgid "Including files that are outside the WordPress installation in the scan."
6698	msgstr ""
6699
6700	+ #: lib/wfScanEngine.php:1056
6701	msgid "Getting plugin list from WordPress"
6702	msgstr ""
6703
6704	#. translators: Number of plugins.
6705	+ #: lib/wfScanEngine.php:1058
6706	msgid "Found %d plugin"
6707	msgid_plural "Found %d plugins"
6708	msgstr[0] ""
6709	msgstr[1] ""
6710
6711	+ #: lib/wfScanEngine.php:1060
6712	msgid "Getting theme list from WordPress"
6713	msgstr ""
6714
6715	#. translators: Number of themes.
6716	+ #: lib/wfScanEngine.php:1062
6717	msgid "Found %d theme"
6718	msgid_plural "Found %d themes"
6719	msgstr[0] ""
6720	msgstr[1] ""
6721
6722	+ #: lib/wfScanEngine.php:1079
6723	msgid "Scanning file contents for infections and vulnerabilities"
6724	msgstr ""
6725
6726	+ #: lib/wfScanEngine.php:1082
6727	msgid "Skipping scan of file contents for infections and vulnerabilities"
6728	msgstr ""
6729
6730	+ #: lib/wfScanEngine.php:1086
6731	msgid "Scanning file contents for URLs on a domain blocklist"
6732	msgstr ""
6733
6734	+ #: lib/wfScanEngine.php:1089
6735	msgid "Skipping scan of file contents for URLs on a domain blocklist"
6736	msgstr ""
6737
6738	+ #: lib/wfScanEngine.php:1094
6739	msgid "Starting scan of file contents"
6740	msgstr ""
6741
6742	+ #: lib/wfScanEngine.php:1110
6743	msgid "Done file contents scan"
6744	msgstr ""
6745
6746	#. translators: Scan result description.
6747	+ #: lib/wfScanEngine.php:1118
6748	+ #: lib/wfScanEngine.php:2287
6749	+ #: lib/wfScanEngine.php:2329
6750	msgid "Adding issue: %s"
6751	msgstr ""
6752
6753	+ #: lib/wfScanEngine.php:1151
6754	msgid "Scanning for publicly accessible quarantined files"
6755	msgstr ""
6756
6757	#. translators: File path.
6758	+ #: lib/wfScanEngine.php:1156
6759	msgid "Testing accessibility of: %s"
6760	msgstr ""
6761
6762	#. translators: File path.
6763	+ #: lib/wfScanEngine.php:1165
6764	msgid "Publicly accessible quarantined file found: %s"
6765	msgstr ""
6766
6767	#. translators: URL to publicly accessible file.
6768	+ #: lib/wfScanEngine.php:1168
6769	msgid "<a href=\"%1$s\" target=\"_blank\" rel=\"noopener noreferrer\">%1$s<span class=\"screen-reader-text\"> ("
6770	msgstr ""
6771
6772	+ #: lib/wfScanEngine.php:1192
6773	msgid "Scanning posts for URLs on a domain blocklist"
6774	msgstr ""
6775
6776	#. translators: Number of posts left to scan.
6777	+ #: lib/wfScanEngine.php:1215
6778	msgid "Scanning posts with %d left to scan."
6779	msgstr ""
6780
6781	+ #: lib/wfScanEngine.php:1237
6782	msgid "Post title contains suspicious code"
6783	msgstr ""
6784
6785	+ #: lib/wfScanEngine.php:1238
6786	msgid "This post contains code that is suspicious. Please check the title of the post and confirm that the code in the title is not malicious."
6787	msgstr ""
6788
6789	+ #: lib/wfScanEngine.php:1261
6790	msgid "Examining URLs found in posts we scanned for dangerous websites"
6791	msgstr ""
6792
6793	+ #: lib/wfScanEngine.php:1263
6794	+ #: lib/wfScanEngine.php:2250
6795	msgid "Done examining URLs"
6796	msgstr ""
6797
6798	#. translators: 1. WordPress Post type. 2. URL.
6799	+ #: lib/wfScanEngine.php:1299
6800	+ #: lib/wfScanEngine.php:1319
6801	msgid "%1$s contains a suspected malware URL: %2$s"
6802	msgstr ""
6803
6804	#. translators: 1. WordPress Post type. 2. URL. 3. URL.
6805	#. translators: 1. WordPress post type. 2. URL. 3. URL.
6806	+ #: lib/wfScanEngine.php:1305
6807	+ #: lib/wfScanEngine.php:1448
6808	msgid "This %1$s contains a suspected malware URL listed on Google's list of malware sites. The URL is: %2$s - More info available at <a href=\"http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=%3$s&client=googlechrome&hl=en-US\" target=\"_blank\" rel=\"noopener noreferrer\">Google Safe Browsing diagnostic page<span class=\"screen-reader-text\"> ("
6809	msgstr ""
6810
6811	#. translators: 1. WordPress Post type. 2. URL.
6812	+ #: lib/wfScanEngine.php:1311
6813	msgid "%1$s contains a suspected phishing site URL: %2$s"
6814	msgstr ""
6815
6816	#. translators: 1. WordPress Post type. 2. URL.
6817	#. translators: 1. WordPress post type. 2. URL.
6818	+ #: lib/wfScanEngine.php:1314
6819	+ #: lib/wfScanEngine.php:1457
6820	msgid "This %1$s contains a URL that is a suspected phishing site that is currently listed on Google's list of known phishing sites. The URL is: %2$s"
6821	msgstr ""
6822
6823	#. translators: 1. WordPress Post type. 2. URL.
6824	#. translators: 1. WordPress post type. 2. URL.
6825	+ #: lib/wfScanEngine.php:1322
6826	+ #: lib/wfScanEngine.php:1465
6827	msgid "This %1$s contains a URL that is currently listed on Wordfence's domain blocklist. The URL is: %2$s"
6828	msgstr ""
6829
6830	#. translators: Scan result description.
6831	+ #: lib/wfScanEngine.php:1331
6832	msgid "Adding issue: %1$s"
6833	msgstr ""
6834
6835	+ #: lib/wfScanEngine.php:1367
6836	msgid "Scanning comments for URLs on a domain blocklist"
6837	msgstr ""
6838
6839	#. translators: Number of comments left to scan.
6840	+ #: lib/wfScanEngine.php:1391
6841	msgid "Scanning comments with %d left to scan."
6842	msgstr ""
6843
6844	#. translators: 1. WordPress post type. 2. WordPress author username.
6845	+ #: lib/wfScanEngine.php:1445
6846	msgid "%1$s with author %2$s contains a suspected malware URL."
6847	msgstr ""
6848
6849	#. translators: WordPress post type.
6850	+ #: lib/wfScanEngine.php:1454
6851	msgid "%s contains a suspected phishing site URL."
6852	msgstr ""
6853
6854	#. translators: URL.
6855	+ #: lib/wfScanEngine.php:1462
6856	msgid "%s contains a suspected malware URL."
6857	msgstr ""
6858
6859	#. translators: WordPress username.
6860	+ #: lib/wfScanEngine.php:1510
6861	msgid "Author: %s"
6862	msgstr ""
6863
6864	#. translators: Email address.
6865	+ #: lib/wfScanEngine.php:1513
6866	msgid "Email: %s"
6867	msgstr ""
6868
6869	#. translators: IP address.
6870	+ #: lib/wfScanEngine.php:1515
6871	msgid "Source IP: %s"
6872	msgstr ""
6873
6874	#. translators: Comment description.
6875	+ #: lib/wfScanEngine.php:1516
6876	msgid "Scanning comment with %s"
6877	msgstr ""
6878
6879	#. translators: Comment description.
6880	+ #: lib/wfScanEngine.php:1529
6881	+ #: lib/wfScanEngine.php:1535
6882	msgid "Marking comment as spam for containing a malware URL. Comment has %s"
6883	msgstr ""
6884
6885	#. translators: Comment description.
6886	+ #: lib/wfScanEngine.php:1532
6887	msgid "Marking comment as spam for containing a phishing URL. Comment has %s"
6888	msgstr ""
6889
6890	#. translators: Comment description.
6891	+ #: lib/wfScanEngine.php:1542
6892	msgid "Scanned comment with %s"
6893	msgstr ""
6894
6895	+ #: lib/wfScanEngine.php:1593
6896	msgid "Scanning for weak passwords"
6897	msgstr ""
6898
6899	+ #: lib/wfScanEngine.php:1604
6900	msgid "We were unable to generate the user list for your password check."
6901	msgstr ""
6902
6903	#. translators: Number of users.
6904	+ #: lib/wfScanEngine.php:1620
6905	msgid "Starting password strength check on %d user."
6906	msgid_plural "Starting password strength check on %d users."
6907	msgstr[0] ""
6908	msgstr[1] ""
6909
6910	#. translators: Number of users.
6911	+ #: lib/wfScanEngine.php:1629
6912	msgid "Total of %d users left to process in password strength check."
6913	msgid_plural "Total of %d users left to process in password strength check."
6914	msgstr[0] ""
6915	msgstr[1] ""
6916
6917	#. translators: WordPress user ID.
6918	+ #: lib/wfScanEngine.php:1664
6919	msgid "Could not get username for user with ID %d when checking password strength."
6920	msgstr ""
6921
6922	#. translators: 1. WordPress username. 2. WordPress user ID.
6923	+ #: lib/wfScanEngine.php:1670
6924	msgid "Checking password strength of user '%1$s' with ID %2$d"
6925	msgstr ""
6926
6927	#. translators: 1. WordPress username. 2. WordPress capability.
6928	+ #: lib/wfScanEngine.php:1678
6929	msgid "User \"%1$s\" with \"%2$s\" access has an easy password."
6930	msgstr ""
6931
6932	#. translators: WordPress capability.
6933	+ #: lib/wfScanEngine.php:1684
6934	msgid "A user with the a role of '%s' has a password that is easy to guess. Please change this password yourself or ask the user to change it."
6935	msgstr ""
6936
6937	#. translators: WordPress username.
6938	+ #: lib/wfScanEngine.php:1692
6939	msgid "User \"%s\" with 'subscriber' access has a very easy password."
6940	msgstr ""
6941
6942	+ #: lib/wfScanEngine.php:1693
6943	msgid "A user with 'subscriber' access has a password that is very easy to guess. Please either change it or ask the user to change their password."
6944	msgstr ""
6945
6946	#. translators: Scan result description.
6947	+ #: lib/wfScanEngine.php:1700
6948	msgid "Adding issue %s"
6949	msgstr ""
6950
6951	#. translators: WordPress username.
6952	+ #: lib/wfScanEngine.php:1717
6953	msgid "Completed checking password strength of user '%s'"
6954	msgstr ""
6955
6956	+ #: lib/wfScanEngine.php:1750
6957	msgid "Scanning to check available disk space"
6958	msgstr ""
6959
6960	+ #: lib/wfScanEngine.php:1757
6961	msgid "Unable to access available disk space information"
6962	msgstr ""
6963
6964	#. translators: 1. Number of bytes. 2. Number of bytes.
6965	+ #: lib/wfScanEngine.php:1766
6966	msgid "Total disk space: %1$s -- Free disk space: %2$s"
6967	msgstr ""
6968
6969	#. translators: Number of bytes.
6970	+ #: lib/wfScanEngine.php:1771
6971	msgid "The disk has %s MB available"
6972	msgstr ""
6973
6974	#. translators: Number of bytes.
6975	+ #: lib/wfScanEngine.php:1786
6976	msgid "You have %s disk space remaining"
6977	msgstr ""
6978
6979	#. translators: Number of bytes.
6980	+ #: lib/wfScanEngine.php:1787
6981	msgid "You only have %s of your disk space remaining. Please free up disk space or your website may stop serving requests."
6982	msgstr ""
6983
6984	+ #: lib/wfScanEngine.php:1800
6985	msgid "Checking Web Application Firewall status"
6986	msgstr ""
6987
6988	+ #: lib/wfScanEngine.php:1811
6989	msgid "Web Application Firewall is disabled"
6990	msgstr ""
6991
6992	#. translators: Support URL.
6993	+ #: lib/wfScanEngine.php:1812
6994	msgid "Wordfence's Web Application Firewall has been unexpectedly disabled. If you see a notice at the top of the Wordfence admin pages that says \"The Wordfence Web Application Firewall cannot run,\" click the link in that message to rebuild the configuration. If this does not work, you may need to fix file permissions. <a href=\"%s\" target=\"_blank\" rel=\"noopener noreferrer\">More Details<span class=\"screen-reader-text\"> ("
6995	msgstr ""
6996
6997	+ #: lib/wfScanEngine.php:1827
6998	msgid "Scanning for old themes, plugins and core files"
6999	msgstr ""
7000
7001	+ #: lib/wfScanEngine.php:1913
7002	msgid "Your WordPress version is out of date"
7003	msgstr ""
7004
7005	#. translators: Software version.
7006	+ #: lib/wfScanEngine.php:1914
7007	msgid "WordPress version %s is now available. Please upgrade immediately to get the latest security updates from WordPress."
7008	msgstr ""
7009
7010	#. translators: 1. Plugin name. 2. Software version. 3. Software version.
7011	+ #: lib/wfScanEngine.php:1941
7012	msgid "The Plugin \"%1$s\" needs an upgrade (%2$s -> %3$s)."
7013	msgstr ""
7014
7015	#. translators: Theme name.
7016	+ #: lib/wfScanEngine.php:1948
7017	+ #: lib/wfScanEngine.php:1982
7018	msgid "You need to upgrade \"%s\" to the newest version to ensure you have any security fixes the developer has released."
7019	msgstr ""
7020
7021	#. translators: 1. Theme name. 2. Software version. 3. Software version.
7022	+ #: lib/wfScanEngine.php:1975
7023	msgid "The Theme \"%1$s\" needs an upgrade (%2$s -> %3$s)."
7024	msgstr ""
7025
7026	#. translators: 1. Plugin name. 2. Software version. 3. Software version.
7027	+ #: lib/wfScanEngine.php:2026
7028	msgid "The Plugin \"%1$s\" appears to be abandoned (updated %2$s, tested to WP %3$s)."
7029	msgstr ""
7030
7031	#. translators: 1. Plugin name. 2. Software version.
7032	+ #: lib/wfScanEngine.php:2033
7033	msgid "It was last updated %1$s ago and tested up to WordPress %2$s."
7034	msgstr ""
7035
7036	#. translators: 1. Plugin name. 2. Software version.
7037	+ #: lib/wfScanEngine.php:2040
7038	msgid "The Plugin \"%1$s\" appears to be abandoned (updated %2$s)."
7039	msgstr ""
7040
7041	#. translators: Time duration.
7042	+ #: lib/wfScanEngine.php:2046
7043	msgid "It was last updated %s ago."
7044	msgstr ""
7045
7046	+ #: lib/wfScanEngine.php:2052
7047	+ #: lib/wfScanEngine.php:2091
7048	msgid "It has unpatched security issues and may have compatibility problems with the current version of WordPress."
7049	msgstr ""
7050
7051	+ #: lib/wfScanEngine.php:2054
7052	+ #: lib/wfScanEngine.php:2093
7053	msgid "Plugins can be removed from wordpress.org for various reasons. This can include benign issues like a plugin author discontinuing development or moving the plugin distribution to their own site, but some might also be due to security issues. In any case, future updates may or may not be available, so it is worth investigating the cause and deciding whether to temporarily or permanently replace or remove the plugin."
7054	msgstr ""
7055
7056	#. translators: Support URL.
7057	+ #: lib/wfScanEngine.php:2058
7058	+ #: lib/wfScanEngine.php:2097
7059	+ #: lib/wfScanEngine.php:2285
7060	+ #: lib/wfScanEngine.php:2327
7061	msgid "<a href=\"%s\" target=\"_blank\" rel=\"noopener noreferrer\">Get more information.<span class=\"screen-reader-text\"> ("
7062	msgstr ""
7063
7064	#. translators: Plugin name.
7065	+ #: lib/wfScanEngine.php:2089
7066	msgid "The Plugin \"%s\" has been removed from wordpress.org."
7067	msgstr ""
7068
7069	+ #: lib/wfScanEngine.php:2142
7070	msgid "Scanning for admin users not created through WordPress"
7071	msgstr ""
7072
7073	#. translators: WordPress username.
7074	+ #: lib/wfScanEngine.php:2164
7075	msgid "An admin user with the username %s was created outside of WordPress."
7076	msgstr ""
7077
7078	#. translators: WordPress username.
7079	+ #: lib/wfScanEngine.php:2165
7080	msgid "An admin user with the username %s was created outside of WordPress. It's possible a plugin could have created the account, but if you do not recognize the user, we suggest you remove it."
7081	msgstr ""
7082
7083	#. translators: WordPress username.
7084	+ #: lib/wfScanEngine.php:2191
7085	msgid "An admin user with a suspicious username %s was found."
7086	msgstr ""
7087
7088	#. translators: WordPress username.
7089	+ #: lib/wfScanEngine.php:2192
7090	msgid "An admin user with a suspicious username %s was found. Administrators accounts with usernames similar to this are commonly seen created by hackers. It's possible a plugin could have created the account, but if you do not recognize the user, we suggest you remove it."
7091	msgstr ""
7092
7093	+ #: lib/wfScanEngine.php:2213
7094	msgid "Scanning for suspicious site options"
7095	msgstr ""
7096
7097	+ #: lib/wfScanEngine.php:2248
7098	msgid "Examining URLs found in the options we scanned for dangerous websites"
7099	msgstr ""
7100
7101	#. translators: URL.
7102	+ #: lib/wfScanEngine.php:2272
7103	+ #: lib/wfScanEngine.php:2278
7104	msgid "Option contains a suspected malware URL: %s"
7105	msgstr ""
7106
7107	#. translators: URL.
7108	+ #: lib/wfScanEngine.php:2273
7109	msgid "This option contains a suspected malware URL listed on Google's list of malware sites. It may indicate your site is infected with malware. The URL is: %s"
7110	msgstr ""
7111
7112	#. translators: URL.
7113	+ #: lib/wfScanEngine.php:2275
7114	msgid "Option contains a suspected phishing site URL: %s"
7115	msgstr ""
7116
7117	#. translators: URL.
7118	+ #: lib/wfScanEngine.php:2276
7119	msgid "This option contains a URL that is a suspected phishing site that is currently listed on Google's list of known phishing sites. It may indicate your site is infected with malware. The URL is: %s"
7120	msgstr ""
7121
7122	#. translators: URL.
7123	+ #: lib/wfScanEngine.php:2279
7124	msgid "This option contains a URL that is currently listed on Wordfence's domain blocklist. It may indicate your site is infected with malware. The URL is: %s"
7125	msgstr ""
7126
7127	+ #: lib/wfScanEngine.php:2319
7128	msgid "Checking for future GeoIP support"
7129	msgstr ""
7130
7131	+ #: lib/wfScanEngine.php:2324
7132	msgid "PHP Update Needed for Country Blocking"
7133	msgstr ""
7134
7135	#. translators: Software version.
7136	+ #: lib/wfScanEngine.php:2325
7137	msgid "The GeoIP database that is required for country blocking has been updated to a new format. This new format requires sites to run PHP 5.4 or newer, and this site is on PHP %s. To ensure country blocking continues functioning, please update PHP."
7138	msgstr ""
7139
7140	+ #: lib/wfScanEngine.php:2374
7141	msgid "Previous scan was stopped successfully."
7142	msgstr ""
7143
7144	+ #: lib/wfScanEngine.php:2375
7145	msgid "Scan was stopped on administrator request."
7146	msgstr ""
7147
7148	+ #: lib/wfScanEngine.php:2391
7149	msgid "Entering start scan routine"
7150	msgstr ""
7151
7152	+ #: lib/wfScanEngine.php:2394
7153	msgid "A scan is already running. Use the stop scan button if you would like to terminate the current scan."
7154	msgstr ""
7155
7156	#. translators: Support URL.
7157	+ #: lib/wfScanEngine.php:2412
7158	msgid "Test result of scan start URL fetch: %s"
7159	msgstr ""
7160
7161	#. translators: WordPress admin panel URL.
7162	+ #: lib/wfScanEngine.php:2421
7163	msgid "Starting cron with normal ajax at URL %s"
7164	msgstr ""
7165
7166	#. translators: Error message.
7167	#. translators: WordPress admin panel URL.
7168	+ #: lib/wfScanEngine.php:2443
7169	+ #: lib/wfScanEngine.php:2478
7170	msgid "There was an error starting the scan: %s."
7171	msgstr ""
7172
7173	+ #: lib/wfScanEngine.php:2445
7174	+ #: lib/wfScanEngine.php:2480
7175	msgid "There was an unknown error starting the scan."
7176	msgstr ""
7177
7178	+ #: lib/wfScanEngine.php:2452
7179	+ #: lib/wfScanEngine.php:2486
7180	msgid "Scan process ended after forking."
7181	msgstr ""
7182
7183	#. translators: WordPress admin panel URL.
7184	+ #: lib/wfScanEngine.php:2456
7185	msgid "Starting cron via proxy at URL %s"
7186	msgstr ""
7187
7188	#. translators: Time in seconds.
7189	+ #: lib/wfScanEngine.php:2532
7190	msgid "Got value from wf config maxExecutionTime: %s"
7191	msgstr ""
7192
7193	#. translators: Time in seconds.
7194	+ #: lib/wfScanEngine.php:2536
7195	msgid "getMaxExecutionTime() returning config value: %s"
7196	msgstr ""
7197
7198	#. translators: PHP ini value.
7199	+ #: lib/wfScanEngine.php:2543
7200	msgid "Got max_execution_time value from ini: %s"
7201	msgstr ""
7202
7203	#. translators: 1. PHP ini setting. 2. Time in seconds.
7204	+ #: lib/wfScanEngine.php:2550
7205	msgid "ini value of %1$d is higher than value for WORDFENCE_SCAN_MAX_INI_EXECUTION_TIME (%2$d), reducing"
7206	msgstr ""
7207
7208	#. translators: PHP ini setting.
7209	+ #: lib/wfScanEngine.php:2560
7210	msgid "getMaxExecutionTime() returning half ini value: %d"
7211	msgstr ""
7212
7213	+ #: lib/wfScanEngine.php:2566
7214	msgid "getMaxExecutionTime() returning default of: 15"
7215	msgstr ""
7216
7217	#. translators: 1. HTTP status code.
7218	+ #: lib/wfScanEngine.php:2768
7219	msgid "Got error response from Wordfence servers: %s"
7220	msgstr ""
7221
7222	+ #: lib/wfScanEngine.php:2772
7223	msgid "Invalid response from Wordfence servers."
7224	msgstr ""
7225

9574	msgid "This file's signature matches a known malware file. The title of the malware is '%s'. Immediately inspect this file using the 'View' option below and consider deleting it from your server."
9575	msgstr ""
9576
9577	+ #: lib/wordfenceHash.php:281
9578	+ msgid "Ignoring invalid scan file child: %s"
9579	+ msgstr ""
9580	+
9581	#. translators: File path.
9582	+ #: lib/wordfenceHash.php:291
9583	+ #: lib/wordfenceHash.php:320
9584	msgid "Found .suspected file: %s"
9585	msgstr ""
9586
9587	#. translators: File path.
9588	+ #: lib/wordfenceHash.php:300
9589	+ #: lib/wordfenceHash.php:329
9590	msgid "Skipping unneeded hash: %s"
9591	msgstr ""
9592
9593	#. translators: Number of files.
9594	+ #: lib/wordfenceHash.php:356
9595	msgid "%d files indexed"
9596	msgstr ""
9597
9598	#. translators: File path.
9599	+ #: lib/wordfenceHash.php:393
9600	msgid "Forking during indexing: %s"
9601	msgstr ""
9602
9603	#. translators: PHP max execution time.
9604	+ #: lib/wordfenceHash.php:396
9605	msgid "Calling fork() from wordfenceHash with maxExecTime: %s"
9606	msgstr ""
9607
9608	#. translators: File path.
9609	+ #: lib/wordfenceHash.php:433
9610	msgid "Skipping file larger than max size: %s"
9611	msgstr ""
9612
9613	#. translators: 1. File path. 2. Memory in bytes.
9614	+ #: lib/wordfenceHash.php:438
9615	msgid "Scanning: %1$s (Mem:%2$s)"
9616	msgstr ""
9617
9618	#. translators: File path.
9619	+ #: lib/wordfenceHash.php:441
9620	msgid "Scanning: %s"
9621	msgstr ""
9622
9623	#. translators: File path.
9624	+ #: lib/wordfenceHash.php:481
9625	msgid "WordPress core file modified: %s"
9626	msgstr ""
9627
9628	#. translators: File path.
9629	+ #: lib/wordfenceHash.php:482
9630	msgid "This WordPress core file has been modified and differs from the original file distributed with this version of WordPress."
9631	msgstr ""
9632
9633	#. translators: File path.
9634	+ #: lib/wordfenceHash.php:518
9635	msgid "Modified plugin file: %s"
9636	msgstr ""
9637
9638	#. translators: 1. Plugin name. 2. Plugin version. 3. Support URL.
9639	+ #: lib/wordfenceHash.php:521
9640	msgid "This file belongs to plugin \"%1$s\" version \"%2$s\" and has been modified from the file that is distributed by WordPress.org for this version. Please use the link to see how the file has changed. If you have modified this file yourself, you can safely ignore this warning. If you see a lot of changed files in a plugin that have been made by the author, then try uninstalling and reinstalling the plugin to force an upgrade. Doing this is a workaround for plugin authors who don't manage their code correctly. <a href=\"%3$s\" target=\"_blank\" rel=\"noopener noreferrer\">Learn More<span class=\"screen-reader-text\"> ("
9641	msgstr ""
9642
9643	#. translators: File path.
9644	+ #: lib/wordfenceHash.php:565
9645	msgid "Modified theme file: %s"
9646	msgstr ""
9647
9648	#. translators: 1. Plugin name. 2. Plugin version. 3. Support URL.
9649	+ #: lib/wordfenceHash.php:568
9650	msgid "This file belongs to theme \"%1$s\" version \"%2$s\" and has been modified from the original distribution. It is common for site owners to modify their theme files, so if you have modified this file yourself you can safely ignore this warning. <a href=\"%3$s\" target=\"_blank\" rel=\"noopener noreferrer\">Learn More<span class=\"screen-reader-text\"> ("
9651	msgstr ""
9652
9653	#. translators: File path.
9654	+ #: lib/wordfenceHash.php:602
9655	msgid "Old WordPress core file not removed during update: %s"
9656	msgstr ""
9657
9658	#. translators: File path.
9659	+ #: lib/wordfenceHash.php:603
9660	msgid "This file is in a WordPress core location but is from an older version of WordPress and not used with your current version. Hosting or permissions issues can cause these files to get left behind when WordPress is updated and they should be removed if possible."
9661	msgstr ""
9662
9663	#. translators: File path.
9664	+ #: lib/wordfenceHash.php:620
9665	+ #: lib/wordfenceHash.php:641
9666	msgid "Unknown file in WordPress core: %s"
9667	msgstr ""
9668
9669	#. translators: File path.
9670	+ #: lib/wordfenceHash.php:621
9671	msgid "This file is in a WordPress core location but is not distributed with this version of WordPress. This scan often includes files left over from a previous WordPress version, but it may also find files added by another plugin, files added by your host, or malicious files added by an attacker."
9672	msgstr ""
9673
9674	#. translators: Support URL.
9675	+ #: lib/wordfenceHash.php:642
9676	msgid "This file is in a WordPress core location but is not distributed with this version of WordPress. This scan often includes files left over from a previous WordPress version, but it may also find files added by another plugin, files added by your host, or malicious files added by an attacker. <a href=\"%s\" target=\"_blank\" rel=\"noopener noreferrer\">Learn More<span class=\"screen-reader-text\"> ("
9677	msgstr ""
9678
9679	#. translators: 1. Number of files. 2. Data in bytes.
9680	+ #: lib/wordfenceHash.php:671
9681	msgid "Analyzed %1$d files containing %2$s of data so far"
9682	msgstr ""
9683
9684	#. translators: Number of scan results.
9685	+ #: lib/wordfenceHash.php:755
9686	msgid "(+ %d more)"
9687	msgstr ""
9688
9689	#. translators: Number of files.
9690	+ #: lib/wordfenceHash.php:756
9691	msgid "%d more similar files were found."
9692	msgstr ""
9693
9694	#. translators: Number of files.
9695	+ #: lib/wordfenceHash.php:756
9696	msgid "1 more similar file was found."
9697	msgstr ""
9698
9699	#. translators: Number of files.
9700	+ #: lib/wordfenceHash.php:756
9701	msgid "<a href=\"%s\" target=\"_blank\" rel=\"noopener noreferrer\">Learn More<span class=\"screen-reader-text\"> ("
9702	msgstr ""
9703

9803	msgstr ""
9804
9805	#: lib/wordfenceScanner.php:526
9806	+ #: lib/wordfenceScanner.php:570
9807	msgid "File contains suspected malware URL: "
9808	msgstr ""
9809

9812	msgid "This file contains a suspected malware URL listed on Google's list of malware sites. Wordfence decodes %1$s when scanning files so the URL may not be visible if you view this file. The URL is: %2$s - More info available at <a href=\"http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=%3$s&client=googlechrome&hl=en-US\" target=\"_blank\" rel=\"noopener noreferrer\">Google Safe Browsing diagnostic page<span class=\"screen-reader-text\"> (opens in new tab)</span></a>."
9813	msgstr ""
9814
9815	+ #: lib/wordfenceScanner.php:551
9816	msgid "File contains suspected phishing URL: "
9817	msgstr ""
9818
9819	+ #: lib/wordfenceScanner.php:552
9820	msgid "This file contains a URL that is a suspected phishing site that is currently listed on Google's list of known phishing sites. The URL is: "
9821	msgstr ""
9822
9823	+ #: lib/wordfenceScanner.php:571
9824	msgid "This file contains a URL that is currently listed on Wordfence's domain blocklist. The URL is: "
9825	msgstr ""
9826
9827	+ #: lib/wordfenceScanner.php:588
9828	msgid "Finalizing malware scan results"
9829	msgstr ""
9830
9831	#. translators: 1. Number of fils. 2. Seconds in millisecond precision.
9832	+ #: lib/wordfenceScanner.php:610
9833	msgid "Scanned contents of %1$d additional files at %2$.2f per second"
9834	msgstr ""
9835

lib/GeoLite2-Country.mmdb CHANGED Viewed

Binary file

lib/wfFileUtils.php CHANGED Viewed

	@@ -1,5 +1,7 @@
1	<?php
2


3	class wfFileUtils {
4
5	const CURRENT_DIRECTORY = '.';
	@@ -74,4 +76,11 @@ class wfFileUtils {
74	return true;
75	}
76







77	}


1	<?php
2
3	+ require_once __DIR__ . "/wfInvalidPathException.php";
4	+
5	class wfFileUtils {
6
7	const CURRENT_DIRECTORY = '.';

76	return true;
77	}
78
79	+ public static function realPath($path) {
80	+ $realPath = realpath($path);
81	+ if ($realPath === false)
82	+ throw new wfInvalidPathException("Realpath resolution failed", $path);
83	+ return $realPath;
84	+ }
85	+
86	}

lib/wfInvalidPathException.php ADDED Viewed

	@@ -0,0 +1,16 @@


1	+ <?php
2	+
3	+ class wfInvalidPathException extends RuntimeException {
4	+
5	+ private $path;
6	+
7	+ public function __construct($message, $path) {
8	+ parent::__construct("{$message} for path {$path}");
9	+ $this->path = $path;
10	+ }
11	+
12	+ public function getPath() {
13	+ return $this->path;
14	+ }
15	+
16	+ }

lib/wfScanEngine.php CHANGED Viewed

	@@ -925,11 +925,17 @@ class wfScanEngine {
925	if (!empty($path)) {
926	if ($constant === 'UPLOADS')
927	$path = ABSPATH . $path;
928	- ~~$scanPaths[]~~ ~~= new wfScanPath(~~
929	- ~~ABSPATH,~~
930	- ~~$path~~,
931	- $~~wordpressPath~~
932	- );






933	}
934	}
935	$scanOutside = $this->scanController->scanOutsideWordPress();
	@@ -939,14 +945,19 @@ class wfScanEngine {
939	if (!$scanOutside && $scanPath->hasExpectedFiles()) {
940	try {
941	foreach ($scanPath->getContents() as $fileName) {
942	- ~~$file~~ ~~= $scanPath->createScanFile($fileName);~~
943	- if ~~(wfUtils::fileTooBig(~~$~~file~~->~~getRealPath~~()))
944	- ~~continue;~~
945	- ~~if ($scanPath->expectsFile($fileName) \|\| wfFileUtils::isReadableFile($file->getRealPath())) {~~
946	- $~~scanned[~~$file->getRealPath()] ~~= $file;~~





947	}
948	- ~~else~~ {
949	- $~~skipped[$file~~->~~getRealPath~~()~~] = $file~~;
950	}
951	}
952	}
	@@ -955,8 +966,13 @@ class wfScanEngine {
955	}
956	}
957	else {
958	- ~~$file~~ ~~= $scanPath->createScanFile('/');~~
959	- $~~scanned[$~~file~~->getRealPath()]~~ = $~~file~~;





960	}
961	}
962	$_cache = array(


925	if (!empty($path)) {
926	if ($constant === 'UPLOADS')
927	$path = ABSPATH . $path;
928	+ try {
929	+ $scanPaths[] = new wfScanPath(
930	+ ABSPATH,
931	+ $path,
932	+ $wordpressPath
933	+ );
934	+ }
935	+ catch (wfInvalidPathException $e) {
936	+ //Ignore invalid scan paths
937	+ wordfence::status(4, 'info', sprintf(__("Ignoring invalid scan path: %s", 'wordfence'), $e->getPath()));
938	+ }
939	}
940	}
941	$scanOutside = $this->scanController->scanOutsideWordPress();

945	if (!$scanOutside && $scanPath->hasExpectedFiles()) {
946	try {
947	foreach ($scanPath->getContents() as $fileName) {
948	+ try {
949	+ $file = $scanPath->createScanFile($fileName);
950	+ if (wfUtils::fileTooBig($file->getRealPath()))
951	+ continue;
952	+ if ($scanPath->expectsFile($fileName) \|\| wfFileUtils::isReadableFile($file->getRealPath())) {
953	+ $scanned[$file->getRealPath()] = $file;
954	+ }
955	+ else {
956	+ $skipped[$file->getRealPath()] = $file;
957	+ }
958	}
959	+ catch (wfInvalidPathException $e) {
960	+ wordfence::status(4, 'info', sprintf(__("Ignoring invalid expected scan file: %s", 'wordfence'), $e->getPath()));
961	}
962	}
963	}

966	}
967	}
968	else {
969	+ try {
970	+ $file = $scanPath->createScanFile('/');
971	+ $scanned[$file->getRealPath()] = $file;
972	+ }
973	+ catch (wfInvalidPathException $e) {
974	+ wordfence::status(4, 'info', sprintf(__("Ignoring invalid base scan file: %s", 'wordfence'), $e->getPath()));
975	+ }
976	}
977	}
978	$_cache = array(

lib/wfScanFile.php CHANGED Viewed

	@@ -29,7 +29,7 @@ class wfScanFile {
29
30	public function createChild($childPath) {
31	return new self(
32	- ~~realpath~~(wfFileUtils::joinPaths($this->realPath, $childPath)),
33	wfFileUtils::joinPaths($this->wordpressPath, $childPath)
34	);
35	}


29
30	public function createChild($childPath) {
31	return new self(
32	+ wfFileUtils::realPath(wfFileUtils::joinPaths($this->realPath, $childPath)),
33	wfFileUtils::joinPaths($this->wordpressPath, $childPath)
34	);
35	}

lib/wfScanPath.php CHANGED Viewed

	@@ -14,7 +14,7 @@ class wfScanPath {
14	public function __construct($baseDirectory, $path, $wordpressPath = null, $expectedFiles = null) {
15	$this->baseDirectory = $baseDirectory;
16	$this->path = $path;
17	- $this->realPath = ~~realpath~~($path);
18	$this->wordpressPath = $wordpressPath;
19	$this->expectedFiles = is_array($expectedFiles) ? array_flip($expectedFiles) : null;
20	}
	@@ -53,7 +53,7 @@ class wfScanPath {
53
54	public function createScanFile($relativePath) {
55	return new wfScanFile(
56	- ~~realpath~~(wfFileUtils::joinPaths($this->realPath, $relativePath)),
57	wfFileUtils::trimSeparators(wfFileUtils::joinPaths($this->wordpressPath, $relativePath), true, false)
58	);
59	}


14	public function __construct($baseDirectory, $path, $wordpressPath = null, $expectedFiles = null) {
15	$this->baseDirectory = $baseDirectory;
16	$this->path = $path;
17	+ $this->realPath = wfFileUtils::realPath($path);
18	$this->wordpressPath = $wordpressPath;
19	$this->expectedFiles = is_array($expectedFiles) ? array_flip($expectedFiles) : null;
20	}

53
54	public function createScanFile($relativePath) {
55	return new wfScanFile(
56	+ wfFileUtils::realPath(wfFileUtils::joinPaths($this->realPath, $relativePath)),
57	wfFileUtils::trimSeparators(wfFileUtils::joinPaths($this->wordpressPath, $relativePath), true, false)
58	);
59	}

lib/wfUtils.php CHANGED Viewed

	@@ -1678,7 +1678,7 @@ class wfUtils {
1678	}
1679	public static function doNotCache(){
1680	header("Pragma: no-cache");
1681	- header("Cache-Control: no-cache, must-revalidate, private");
1682	header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); //In the past
1683	if(! defined('DONOTCACHEPAGE')){ define('DONOTCACHEPAGE', true); }
1684	if(! defined('DONOTCACHEDB')){ define('DONOTCACHEDB', true); }


1678	}
1679	public static function doNotCache(){
1680	header("Pragma: no-cache");
1681	+ header("Cache-Control: no-cache, must-revalidate, private, max-age=0");
1682	header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); //In the past
1683	if(! defined('DONOTCACHEPAGE')){ define('DONOTCACHEPAGE', true); }
1684	if(! defined('DONOTCACHEDB')){ define('DONOTCACHEDB', true); }

lib/wordfenceHash.php CHANGED Viewed

	@@ -274,7 +274,13 @@ class wordfenceHash {
274	if (wfFileUtils::isCurrentOrParentDirectory($child)) {
275	continue;
276	}
277	- ~~$child~~ ~~= $file->createChild($child);~~






278	if (is_file($child->getRealPath())) {
279	$relativeFile = $child->getWordpressPath();
280	if ($this->stoppedOnFile && $relativeFile != $this->stoppedOnFile) {


274	if (wfFileUtils::isCurrentOrParentDirectory($child)) {
275	continue;
276	}
277	+ try {
278	+ $child = $file->createChild($child);
279	+ }
280	+ catch (wfInvalidPathException $e) {
281	+ wordfence::status(4, 'info', sprintf(__("Ignoring invalid scan file child: %s", 'wordfence'), $e->getPath()));
282	+ continue;
283	+ }
284	if (is_file($child->getRealPath())) {
285	$relativeFile = $child->getWordpressPath();
286	if ($this->stoppedOnFile && $relativeFile != $this->stoppedOnFile) {

lib/wordfenceScanner.php CHANGED Viewed

	@@ -230,7 +230,7 @@ class wordfenceScanner {
230	}
231	}
232	}
233	- if (!file_exists($~~this~~->~~path . $file~~)) {
234	$record->markComplete();
235	continue;
236	}
	@@ -277,7 +277,7 @@ class wordfenceScanner {
277	continue;
278	}
279	}
280	- if(wfUtils::fileTooBig($~~this~~->~~path . $file~~)){ //We can't use filesize on 32 bit systems for files > 2 gigs
281	//We should not need this check because files > 2 gigs are not hashed and therefore won't be received back as unknowns from the API server
282	//But we do it anyway to be safe.
283	wordfence::status(2, 'error', sprintf(/* translators: File path. */ __('Encountered file that is too large: %s - Skipping.', 'wordfence'), $file));
	@@ -286,7 +286,7 @@ class wordfenceScanner {
286	}
287	wfUtils::beginProcessingFile($file);
288
289	- $fsize = @filesize($~~this~~->~~path . $file~~); //Checked if too big above
290	$fsize = wfUtils::formatBytes($fsize);
291	if (function_exists('memory_get_usage')) {
292	wordfence::status(4, 'info', sprintf(
	@@ -306,7 +306,7 @@ class wordfenceScanner {
306	}
307
308	$stime = microtime(true);
309	- $fh = @fopen($~~this~~->~~path . $file~~, 'r');
310	if (!$fh) {
311	$record->markComplete();
312	continue;
	@@ -344,7 +344,7 @@ class wordfenceScanner {
344	$this->addResult(array(
345	'type' => 'file',
346	'severity' => wfIssues::SEVERITY_CRITICAL,
347	- 'ignoreP' => $~~this~~->~~path . $file~~,
348	'ignoreC' => $fileSum,
349	'shortMsg' => __('File is an old version of TimThumb which is vulnerable.', 'wordfence'),
350	'longMsg' => __('This file appears to be an old version of the TimThumb script which makes your system vulnerable to attackers. Please upgrade the theme or plugin that uses this or remove it.', 'wordfence') . $extraMsg,
	@@ -412,7 +412,7 @@ class wordfenceScanner {
412	$this->addResult(array(
413	'type' => 'file',
414	'severity' => wfIssues::SEVERITY_CRITICAL,
415	- 'ignoreP' => $~~this~~->~~path . $file~~,
416	'ignoreC' => $fileSum,
417	'shortMsg' => sprintf(__('File appears to be malicious or unsafe: %s', 'wordfence'), esc_html($file)),
418	'longMsg' => $customMessage . ' ' . sprintf(__('The matched text in this file is: %s', 'wordfence'), '<strong style="color: #F00;" class="wf-split-word">' . wfUtils::potentialBinaryStringToHTML((wfUtils::strlen($matchString) > 200 ? wfUtils::substr($matchString, 0, 200) . '...' : $matchString)) . '</strong>') . ' ' . '<br><br>' . sprintf(/* translators: Scan result type. / __('The issue type is: %s', 'wordfence'), '<strong>' . esc_html($rule[7]) . '</strong>') . '<br>' . sprintf(/ translators: Scan result description. */ __('Description: %s', 'wordfence'), '<strong>' . esc_html($rule[3]) . '</strong>') . $extraMsg,
	@@ -454,7 +454,7 @@ class wordfenceScanner {
454	$this->addResult(array(
455	'type' => 'file',
456	'severity' => wfIssues::SEVERITY_CRITICAL,
457	- 'ignoreP' => $~~this~~->~~path . $file~~,
458	'ignoreC' => $fileSum,
459	'shortMsg' => __('This file may contain malicious executable code: ', 'wordfence') . esc_html($file),
460	'longMsg' => sprintf(/* translators: Malware signature matched text. */ __('This file is a PHP executable file and contains the word "eval" (without quotes) and the word "%s" (without quotes). The eval() function along with an encoding function like the one mentioned are commonly used by hackers to hide their code. If you know about this file you can choose to ignore it to exclude it from future scans. This file was detected because you have enabled HIGH SENSITIVITY scanning. This option is more aggressive than the usual scans, and may cause false positives.', 'wordfence'), '<span class="wf-split-word">' . esc_html($badStringFound) . '</span>'),
	@@ -506,7 +506,7 @@ class wordfenceScanner {
506
507	foreach($hooverResults as $file => $hresults){
508	$record = wordfenceMalwareScanFile::fileForPath($file);
509	- $dataForFile = $this->dataForFile($file, $~~this~~->~~path . $file~~);
510
511	foreach($hresults as $result){
512	if(preg_match('/wfBrowscapCache\.php$/', $file)){
	@@ -521,8 +521,8 @@ class wordfenceScanner {
521	$this->addResult(array(
522	'type' => 'file',
523	'severity' => wfIssues::SEVERITY_CRITICAL,
524	- 'ignoreP' => $~~this~~->~~path . $file~~,
525	- 'ignoreC' => md5_file($~~this~~->~~path . $file~~),
526	'shortMsg' => __('File contains suspected malware URL: ', 'wordfence') . esc_html($file),
527	'longMsg' => wp_kses(sprintf(
528	/* translators: 1. Malware signature matched text. 2. Malicious URL. 3. Malicious URL. */
	@@ -533,6 +533,7 @@ class wordfenceScanner {
533	), array('a'=>array('href'=>array(), 'target'=>array(), 'rel'=>array()), 'span'=>array('class'))),
534	'data' => array_merge(array(
535	'file' => $file,

536	'shac' => $record->SHAC,
537	'badURL' => $result['URL'],
538	'gsb' => 'goog-malware-shavar',
	@@ -545,12 +546,13 @@ class wordfenceScanner {
545	$this->addResult(array(
546	'type' => 'file',
547	'severity' => wfIssues::SEVERITY_CRITICAL,
548	- 'ignoreP' => $~~this~~->~~path . $file~~,
549	- 'ignoreC' => md5_file($~~this~~->~~path . $file~~),
550	'shortMsg' => __('File contains suspected phishing URL: ', 'wordfence') . esc_html($file),
551	'longMsg' => __('This file contains a URL that is a suspected phishing site that is currently listed on Google\'s list of known phishing sites. The URL is: ', 'wordfence') . esc_html($result['URL']),
552	'data' => array_merge(array(
553	'file' => $file,

554	'shac' => $record->SHAC,
555	'badURL' => $result['URL'],
556	'gsb' => 'googpub-phish-shavar',
	@@ -563,12 +565,13 @@ class wordfenceScanner {
563	$this->addResult(array(
564	'type' => 'file',
565	'severity' => wfIssues::SEVERITY_CRITICAL,
566	- 'ignoreP' => $~~this~~->~~path . $file~~,
567	- 'ignoreC' => md5_file($~~this~~->~~path . $file~~),
568	'shortMsg' => __('File contains suspected malware URL: ', 'wordfence') . esc_html($file),
569	'longMsg' => __('This file contains a URL that is currently listed on Wordfence\'s domain blocklist. The URL is: ', 'wordfence') . esc_html($result['URL']),
570	'data' => array_merge(array(
571	'file' => $file,

572	'shac' => $record->SHAC,
573	'badURL' => $result['URL'],
574	'gsb' => 'wordfence-dbl',


230	}
231	}
232	}
233	+ if (!file_exists($record->realPath)) {
234	$record->markComplete();
235	continue;
236	}

277	continue;
278	}
279	}
280	+ if(wfUtils::fileTooBig($record->realPath)){ //We can't use filesize on 32 bit systems for files > 2 gigs
281	//We should not need this check because files > 2 gigs are not hashed and therefore won't be received back as unknowns from the API server
282	//But we do it anyway to be safe.
283	wordfence::status(2, 'error', sprintf(/* translators: File path. */ __('Encountered file that is too large: %s - Skipping.', 'wordfence'), $file));

286	}
287	wfUtils::beginProcessingFile($file);
288
289	+ $fsize = @filesize($record->realPath); //Checked if too big above
290	$fsize = wfUtils::formatBytes($fsize);
291	if (function_exists('memory_get_usage')) {
292	wordfence::status(4, 'info', sprintf(

306	}
307
308	$stime = microtime(true);
309	+ $fh = @fopen($record->realPath, 'r');
310	if (!$fh) {
311	$record->markComplete();
312	continue;

344	$this->addResult(array(
345	'type' => 'file',
346	'severity' => wfIssues::SEVERITY_CRITICAL,
347	+ 'ignoreP' => $record->realPath,
348	'ignoreC' => $fileSum,
349	'shortMsg' => __('File is an old version of TimThumb which is vulnerable.', 'wordfence'),
350	'longMsg' => __('This file appears to be an old version of the TimThumb script which makes your system vulnerable to attackers. Please upgrade the theme or plugin that uses this or remove it.', 'wordfence') . $extraMsg,

412	$this->addResult(array(
413	'type' => 'file',
414	'severity' => wfIssues::SEVERITY_CRITICAL,
415	+ 'ignoreP' => $record->realPath,
416	'ignoreC' => $fileSum,
417	'shortMsg' => sprintf(__('File appears to be malicious or unsafe: %s', 'wordfence'), esc_html($file)),
418	'longMsg' => $customMessage . ' ' . sprintf(__('The matched text in this file is: %s', 'wordfence'), '<strong style="color: #F00;" class="wf-split-word">' . wfUtils::potentialBinaryStringToHTML((wfUtils::strlen($matchString) > 200 ? wfUtils::substr($matchString, 0, 200) . '...' : $matchString)) . '</strong>') . ' ' . '<br><br>' . sprintf(/* translators: Scan result type. / __('The issue type is: %s', 'wordfence'), '<strong>' . esc_html($rule[7]) . '</strong>') . '<br>' . sprintf(/ translators: Scan result description. */ __('Description: %s', 'wordfence'), '<strong>' . esc_html($rule[3]) . '</strong>') . $extraMsg,

454	$this->addResult(array(
455	'type' => 'file',
456	'severity' => wfIssues::SEVERITY_CRITICAL,
457	+ 'ignoreP' => $record->realPath,
458	'ignoreC' => $fileSum,
459	'shortMsg' => __('This file may contain malicious executable code: ', 'wordfence') . esc_html($file),
460	'longMsg' => sprintf(/* translators: Malware signature matched text. */ __('This file is a PHP executable file and contains the word "eval" (without quotes) and the word "%s" (without quotes). The eval() function along with an encoding function like the one mentioned are commonly used by hackers to hide their code. If you know about this file you can choose to ignore it to exclude it from future scans. This file was detected because you have enabled HIGH SENSITIVITY scanning. This option is more aggressive than the usual scans, and may cause false positives.', 'wordfence'), '<span class="wf-split-word">' . esc_html($badStringFound) . '</span>'),

506
507	foreach($hooverResults as $file => $hresults){
508	$record = wordfenceMalwareScanFile::fileForPath($file);
509	+ $dataForFile = $this->dataForFile($file, $record->realPath);
510
511	foreach($hresults as $result){
512	if(preg_match('/wfBrowscapCache\.php$/', $file)){

521	$this->addResult(array(
522	'type' => 'file',
523	'severity' => wfIssues::SEVERITY_CRITICAL,
524	+ 'ignoreP' => $record->realPath,
525	+ 'ignoreC' => md5_file($record->realPath),
526	'shortMsg' => __('File contains suspected malware URL: ', 'wordfence') . esc_html($file),
527	'longMsg' => wp_kses(sprintf(
528	/* translators: 1. Malware signature matched text. 2. Malicious URL. 3. Malicious URL. */

533	), array('a'=>array('href'=>array(), 'target'=>array(), 'rel'=>array()), 'span'=>array('class'))),
534	'data' => array_merge(array(
535	'file' => $file,
536	+ 'realFile' => $record->realPath,
537	'shac' => $record->SHAC,
538	'badURL' => $result['URL'],
539	'gsb' => 'goog-malware-shavar',

546	$this->addResult(array(
547	'type' => 'file',
548	'severity' => wfIssues::SEVERITY_CRITICAL,
549	+ 'ignoreP' => $record->realPath,
550	+ 'ignoreC' => md5_file($record->realPath),
551	'shortMsg' => __('File contains suspected phishing URL: ', 'wordfence') . esc_html($file),
552	'longMsg' => __('This file contains a URL that is a suspected phishing site that is currently listed on Google\'s list of known phishing sites. The URL is: ', 'wordfence') . esc_html($result['URL']),
553	'data' => array_merge(array(
554	'file' => $file,
555	+ 'realFile' => $record->realPath,
556	'shac' => $record->SHAC,
557	'badURL' => $result['URL'],
558	'gsb' => 'googpub-phish-shavar',

565	$this->addResult(array(
566	'type' => 'file',
567	'severity' => wfIssues::SEVERITY_CRITICAL,
568	+ 'ignoreP' => $record->realFile,
569	+ 'ignoreC' => md5_file($record->realPath),
570	'shortMsg' => __('File contains suspected malware URL: ', 'wordfence') . esc_html($file),
571	'longMsg' => __('This file contains a URL that is currently listed on Wordfence\'s domain blocklist. The URL is: ', 'wordfence') . esc_html($result['URL']),
572	'data' => array_merge(array(
573	'file' => $file,
574	+ 'realFile' => $record->realPath,
575	'shac' => $record->SHAC,
576	'badURL' => $result['URL'],
577	'gsb' => 'wordfence-dbl',

modules/login-security/classes/controller/ajax.php CHANGED Viewed

	@@ -183,7 +183,7 @@ class Controller_AJAX {
183	}
184	}
185	if (empty($username) \|\| empty($password)) {
186	- self::send_json(array('error' => wp_kses(sprintf(__('<strong>ERROR</strong>: A username and password must be provided. <a href="%s" title="Password Lost and Found">Lost your password</a>?'), wp_lostpassword_url()), array('strong'=>array(), 'a'=>array('href'=>array(), 'title'=>array())))));
187	}
188
189	$legacy2FAActive = Controller_WordfenceLS::shared()->legacy_2fa_active();
	@@ -231,7 +231,7 @@ class Controller_AJAX {
231	$reset = false;
232	foreach ($user->get_error_codes() as $code) {
233	if ($code == 'invalid_username' \|\| $code == 'invalid_email' \|\| $code == 'incorrect_password' \|\| $code == 'authentication_failed') {
234	- $errors[] = wp_kses(sprintf(__('<strong>ERROR</strong>: The username or password you entered is incorrect. <a href="%s" title="Password Lost and Found">Lost your password</a>?'), wp_lostpassword_url()), array('strong'=>array(), 'a'=>array('href'=>array(), 'title'=>array())));
235	}
236	else {
237	if ($code == 'wfls_twofactor_invalid') {
	@@ -263,7 +263,7 @@ class Controller_AJAX {
263	}
264	}
265
266	- self::send_json(array('error' => wp_kses(sprintf(__('<strong>ERROR</strong>: The username or password you entered is incorrect. <a href="%s" title="Password Lost and Found">Lost your password</a>?'), wp_lostpassword_url()), array('strong'=>array(), 'a'=>array('href'=>array(), 'title'=>array())))));
267	}
268
269	public function _ajax_register_support_callback() {
	@@ -278,7 +278,7 @@ class Controller_AJAX {
278	$email === null \|\|
279	!isset($_POST['wfls-message']) \|\| !is_string($_POST['wfls-message']) \|\|
280	!isset($_POST['wfls-message-nonce']) \|\| !is_string($_POST['wfls-message-nonce'])) {
281	- self::send_json(array('error' => wp_kses(sprintf(__('<strong>ERROR</strong>: Unable to send message. Please refresh the page and try again.')), array('strong'=>array()))));
282	}
283
284	$email = sanitize_email($email);
	@@ -289,7 +289,7 @@ class Controller_AJAX {
289	$nonce = $_POST['wfls-message-nonce'];
290
291	if ((isset($_POST['user_login']) && empty($login)) \|\| empty($email) \|\| !filter_var($email, FILTER_VALIDATE_EMAIL) \|\| empty($message)) {
292	- self::send_json(array('error' => wp_kses(sprintf(__('<strong>ERROR</strong>: Unable to send message. Please refresh the page and try again.')), array('strong'=>array()))));
293	}
294
295	$jwt = Model_JWT::decode_jwt($_POST['wfls-message-nonce']);
	@@ -297,30 +297,30 @@ class Controller_AJAX {
297	$decryptedIP = Model_Symmetric::decrypt($jwt->payload['ip']);
298	$decryptedScore = Model_Symmetric::decrypt($jwt->payload['score']);
299	if ($decryptedIP === false \|\| $decryptedScore === false \|\| Model_IP::inet_pton($decryptedIP) !== Model_IP::inet_pton(Model_Request::current()->ip())) { //JWT IP and the current request's IP don't match, refuse the message
300	- self::send_json(array('error' => wp_kses(sprintf(__('<strong>ERROR</strong>: Unable to send message. Please refresh the page and try again.')), array('strong'=>array()))));
301	}
302
303	$identifier = bin2hex(Model_IP::inet_pton($decryptedIP));
304	$tokenBucket = new Model_TokenBucket('rate:' . $identifier, 2, 1 / (6 * Model_TokenBucket::HOUR)); //Maximum of two requests, refilling at a rate of one per six hours
305	if (!$tokenBucket->consume(1)) {
306	- self::send_json(array('error' => wp_kses(sprintf(__('<strong>ERROR</strong>: Unable to send message. You have exceeded the maximum number of messages that may be sent at this time. Please try again later.')), array('strong'=>array()))));
307	}
308
309	$email = array(
310	'to' => get_site_option('admin_email'),
311	- 'subject' => __('Blocked User Registration Contact Form', 'wordfence-ls'),
312	- 'body' => sprintf(__("A visitor blocked from registration sent the following message.\n\n----------------------------------------\n\nIP: %s\nUsername: %s\nEmail: %s\nreCAPTCHA Score: %f\n\n----------------------------------------\n\n%s", 'wordfence-ls'), $decryptedIP, $login, $email, $decryptedScore, $message),
313	'headers' => '',
314	);
315	$success = wp_mail($email['to'], $email['subject'], $email['body'], $email['headers']);
316	if ($success) {
317	- self::send_json(array('message' => wp_kses(sprintf(__('<strong>MESSAGE SENT</strong>: Your message was sent to the site owner.')), array('strong'=>array()))));
318	}
319
320	- self::send_json(array('error' => wp_kses(sprintf(__('<strong>ERROR</strong>: An error occurred while sending the message. Please try again.')), array('strong'=>array()))));
321	}
322
323	- self::send_json(array('error' => wp_kses(sprintf(__('<strong>ERROR</strong>: Unable to send message. Please refresh the page and try again.')), array('strong'=>array()))));
324	}
325
326	public function _ajax_activate_callback() {
	@@ -445,7 +445,7 @@ class Controller_AJAX {
445	}
446
447	self::send_json(array(
448	- 'error' => esc_html__('No configuration changes were provided to save.', 'wordfence'),
449	));
450	}
451
	@@ -560,7 +560,7 @@ class Controller_AJAX {
560	if ($userId !== 0 && Controller_Notices::shared()->dismiss_persistent_notice($userId, $noticeId))
561	self::send_json(array('success' => true));
562	self::send_json(array(
563	- 'error' => esc_html__('Unable to dismiss notice', 'wordfence')
564	));
565	}
566	}


183	}
184	}
185	if (empty($username) \|\| empty($password)) {
186	+ self::send_json(array('error' => wp_kses(sprintf(__('<strong>ERROR</strong>: A username and password must be provided. <a href="%s" title="Password Lost and Found">Lost your password</a>?', 'wordfence-2fa'), wp_lostpassword_url()), array('strong'=>array(), 'a'=>array('href'=>array(), 'title'=>array())))));
187	}
188
189	$legacy2FAActive = Controller_WordfenceLS::shared()->legacy_2fa_active();

231	$reset = false;
232	foreach ($user->get_error_codes() as $code) {
233	if ($code == 'invalid_username' \|\| $code == 'invalid_email' \|\| $code == 'incorrect_password' \|\| $code == 'authentication_failed') {
234	+ $errors[] = wp_kses(sprintf(__('<strong>ERROR</strong>: The username or password you entered is incorrect. <a href="%s" title="Password Lost and Found">Lost your password</a>?', 'wordfence-2fa'), wp_lostpassword_url()), array('strong'=>array(), 'a'=>array('href'=>array(), 'title'=>array())));
235	}
236	else {
237	if ($code == 'wfls_twofactor_invalid') {

263	}
264	}
265
266	+ self::send_json(array('error' => wp_kses(sprintf(__('<strong>ERROR</strong>: The username or password you entered is incorrect. <a href="%s" title="Password Lost and Found">Lost your password</a>?', 'wordfence-2fa'), wp_lostpassword_url()), array('strong'=>array(), 'a'=>array('href'=>array(), 'title'=>array())))));
267	}
268
269	public function _ajax_register_support_callback() {

278	$email === null \|\|
279	!isset($_POST['wfls-message']) \|\| !is_string($_POST['wfls-message']) \|\|
280	!isset($_POST['wfls-message-nonce']) \|\| !is_string($_POST['wfls-message-nonce'])) {
281	+ self::send_json(array('error' => wp_kses(sprintf(__('<strong>ERROR</strong>: Unable to send message. Please refresh the page and try again.', 'wordfence-2fa')), array('strong'=>array()))));
282	}
283
284	$email = sanitize_email($email);

289	$nonce = $_POST['wfls-message-nonce'];
290
291	if ((isset($_POST['user_login']) && empty($login)) \|\| empty($email) \|\| !filter_var($email, FILTER_VALIDATE_EMAIL) \|\| empty($message)) {
292	+ self::send_json(array('error' => wp_kses(sprintf(__('<strong>ERROR</strong>: Unable to send message. Please refresh the page and try again.', 'wordfence-2fa')), array('strong'=>array()))));
293	}
294
295	$jwt = Model_JWT::decode_jwt($_POST['wfls-message-nonce']);

297	$decryptedIP = Model_Symmetric::decrypt($jwt->payload['ip']);
298	$decryptedScore = Model_Symmetric::decrypt($jwt->payload['score']);
299	if ($decryptedIP === false \|\| $decryptedScore === false \|\| Model_IP::inet_pton($decryptedIP) !== Model_IP::inet_pton(Model_Request::current()->ip())) { //JWT IP and the current request's IP don't match, refuse the message
300	+ self::send_json(array('error' => wp_kses(sprintf(__('<strong>ERROR</strong>: Unable to send message. Please refresh the page and try again.', 'wordfence-2fa')), array('strong'=>array()))));
301	}
302
303	$identifier = bin2hex(Model_IP::inet_pton($decryptedIP));
304	$tokenBucket = new Model_TokenBucket('rate:' . $identifier, 2, 1 / (6 * Model_TokenBucket::HOUR)); //Maximum of two requests, refilling at a rate of one per six hours
305	if (!$tokenBucket->consume(1)) {
306	+ self::send_json(array('error' => wp_kses(sprintf(__('<strong>ERROR</strong>: Unable to send message. You have exceeded the maximum number of messages that may be sent at this time. Please try again later.', 'wordfence-2fa')), array('strong'=>array()))));
307	}
308
309	$email = array(
310	'to' => get_site_option('admin_email'),
311	+ 'subject' => __('Blocked User Registration Contact Form', 'wordfence-2fa'),
312	+ 'body' => sprintf(__("A visitor blocked from registration sent the following message.\n\n----------------------------------------\n\nIP: %s\nUsername: %s\nEmail: %s\nreCAPTCHA Score: %f\n\n----------------------------------------\n\n%s", 'wordfence-2fa'), $decryptedIP, $login, $email, $decryptedScore, $message),
313	'headers' => '',
314	);
315	$success = wp_mail($email['to'], $email['subject'], $email['body'], $email['headers']);
316	if ($success) {
317	+ self::send_json(array('message' => wp_kses(sprintf(__('<strong>MESSAGE SENT</strong>: Your message was sent to the site owner.', 'wordfence-2fa')), array('strong'=>array()))));
318	}
319
320	+ self::send_json(array('error' => wp_kses(sprintf(__('<strong>ERROR</strong>: An error occurred while sending the message. Please try again.', 'wordfence-2fa')), array('strong'=>array()))));
321	}
322
323	+ self::send_json(array('error' => wp_kses(sprintf(__('<strong>ERROR</strong>: Unable to send message. Please refresh the page and try again.', 'wordfence-2fa')), array('strong'=>array()))));
324	}
325
326	public function _ajax_activate_callback() {

445	}
446
447	self::send_json(array(
448	+ 'error' => esc_html__('No configuration changes were provided to save.', 'wordfence-2fa'),
449	));
450	}
451

560	if ($userId !== 0 && Controller_Notices::shared()->dismiss_persistent_notice($userId, $noticeId))
561	self::send_json(array('success' => true));
562	self::send_json(array(
563	+ 'error' => esc_html__('Unable to dismiss notice', 'wordfence-2fa')
564	));
565	}
566	}

modules/login-security/classes/controller/settings.php CHANGED Viewed

	@@ -26,6 +26,7 @@ class Controller_Settings {
26	const OPTION_DELETE_ON_DEACTIVATION = 'delete-deactivation';
27	const OPTION_PREFIX_REQUIRED_2FA_ROLE = 'required-2fa-role';
28	const OPTION_ENABLE_WOOCOMMERCE_INTEGRATION = 'enable-woocommerce-integration';

29
30	//Internal
31	const OPTION_GLOBAL_NOTICES = 'global-notices';
	@@ -87,7 +88,8 @@ class Controller_Settings {
87	self::OPTION_RECAPTCHA_THRESHOLD => array('value' => 0.5, 'autoload' => Model_Settings::AUTOLOAD_YES, 'allowOverwrite' => false),
88	self::OPTION_LAST_SECRET_REFRESH => array('value' => 0, 'autoload' => Model_Settings::AUTOLOAD_YES, 'allowOverwrite' => false),
89	self::OPTION_DELETE_ON_DEACTIVATION => array('value' => false, 'autoload' => Model_Settings::AUTOLOAD_YES, 'allowOverwrite' => false),
90	- self::OPTION_ENABLE_WOOCOMMERCE_INTEGRATION => array('value' => false, 'autoload' => Model_Settings::AUTOLOAD_YES, 'allowOverwrite' => false)

91	));
92	}
93
	@@ -126,7 +128,14 @@ class Controller_Settings {
126	}
127
128	public function get_array($key, $default = array()) {
129	- ~~return~~ ~~(array)~~ ~~@json_decode(~~$this->get($key, ~~$default~~)~~, true)~~;







130	}
131
132	public function remove($key) {
	@@ -152,6 +161,8 @@ class Controller_Settings {
152	case self::OPTION_CAPTCHA_TEST_MODE:
153	case self::OPTION_DISMISSED_FRESH_INSTALL_MODAL:
154	case self::OPTION_DELETE_ON_DEACTIVATION:


155	return true;
156
157	//Int
	@@ -249,6 +260,8 @@ class Controller_Settings {
249	case self::OPTION_CAPTCHA_TEST_MODE:
250	case self::OPTION_DISMISSED_FRESH_INSTALL_MODAL:
251	case self::OPTION_DELETE_ON_DEACTIVATION:


252	return $this->_truthy_to_bool($value);
253
254	//Int
	@@ -416,7 +429,11 @@ class Controller_Settings {
416	public function disable_ntp_cron() {
417	$this->set(self::OPTION_NTP_FAILURE_COUNT, -1);
418	}
419	-




420	/**
421	* Utility
422	*/


26	const OPTION_DELETE_ON_DEACTIVATION = 'delete-deactivation';
27	const OPTION_PREFIX_REQUIRED_2FA_ROLE = 'required-2fa-role';
28	const OPTION_ENABLE_WOOCOMMERCE_INTEGRATION = 'enable-woocommerce-integration';
29	+ const OPTION_ENABLE_LOGIN_HISTORY_COLUMNS = 'enable-login-history-columns';
30
31	//Internal
32	const OPTION_GLOBAL_NOTICES = 'global-notices';

88	self::OPTION_RECAPTCHA_THRESHOLD => array('value' => 0.5, 'autoload' => Model_Settings::AUTOLOAD_YES, 'allowOverwrite' => false),
89	self::OPTION_LAST_SECRET_REFRESH => array('value' => 0, 'autoload' => Model_Settings::AUTOLOAD_YES, 'allowOverwrite' => false),
90	self::OPTION_DELETE_ON_DEACTIVATION => array('value' => false, 'autoload' => Model_Settings::AUTOLOAD_YES, 'allowOverwrite' => false),
91	+ self::OPTION_ENABLE_WOOCOMMERCE_INTEGRATION => array('value' => false, 'autoload' => Model_Settings::AUTOLOAD_YES, 'allowOverwrite' => false),
92	+ self::OPTION_ENABLE_LOGIN_HISTORY_COLUMNS => array('value' => true, 'autoload' => Model_Settings::AUTOLOAD_YES, 'allowOverwrite' => false)
93	));
94	}
95

128	}
129
130	public function get_array($key, $default = array()) {
131	+ $value = $this->get($key, null);
132	+ if (is_string($value)) {
133	+ $value = @json_decode($value, true);
134	+ }
135	+ else {
136	+ $value = null;
137	+ }
138	+ return is_array($value) ? $value : $default;
139	}
140
141	public function remove($key) {

161	case self::OPTION_CAPTCHA_TEST_MODE:
162	case self::OPTION_DISMISSED_FRESH_INSTALL_MODAL:
163	case self::OPTION_DELETE_ON_DEACTIVATION:
164	+ case self::OPTION_ENABLE_WOOCOMMERCE_INTEGRATION:
165	+ case self::OPTION_ENABLE_LOGIN_HISTORY_COLUMNS:
166	return true;
167
168	//Int

260	case self::OPTION_CAPTCHA_TEST_MODE:
261	case self::OPTION_DISMISSED_FRESH_INSTALL_MODAL:
262	case self::OPTION_DELETE_ON_DEACTIVATION:
263	+ case self::OPTION_ENABLE_WOOCOMMERCE_INTEGRATION:
264	+ case self::OPTION_ENABLE_LOGIN_HISTORY_COLUMNS:
265	return $this->_truthy_to_bool($value);
266
267	//Int

429	public function disable_ntp_cron() {
430	$this->set(self::OPTION_NTP_FAILURE_COUNT, -1);
431	}
432	+
433	+ public function are_login_history_columns_enabled() {
434	+ return Controller_Settings::shared()->get_bool(Controller_Settings::OPTION_ENABLE_LOGIN_HISTORY_COLUMNS, true);
435	+ }
436	+
437	/**
438	* Utility
439	*/

modules/login-security/classes/controller/users.php CHANGED Viewed

	@@ -494,7 +494,7 @@ class Controller_Users {
494	$columns['wfls_2fa_status'] = esc_html__('2FA Status', 'wordfence-2fa');
495	}
496
497	- if (Controller_Permissions::shared()->can_manage_settings(wp_get_current_user())) {
498	$columns['wfls_last_login'] = esc_html__('Last Login', 'wordfence-2fa');
499	if (Controller_CAPTCHA::shared()->enabled()) {
500	$columns['wfls_last_captcha'] = esc_html__('Last CAPTCHA', 'wordfence-2fa');
	@@ -518,7 +518,7 @@ class Controller_Users {
518	$value = wp_kses(__('Inactive<small class="wfls-sub-status">(Grace Period)</small>', 'wordfence-2fa'), array('small'=>array('class'=>array())));
519	}
520	elseif (($requires2fa && !$has2fa)) {
521	- $value = wp_kses($inGracePeriod === null ? __('Locked Out<small class="wfls-sub-status">(Grace Period Disabled)</small>') : __('Locked Out<small class="wfls-sub-status">(Grace Period Exceeded)</small>', 'wordfence-2fa'), array('small'=>array('class'=>array())));
522	}
523	else {
524	$value = esc_html__('Inactive', 'wordfence-2fa');


494	$columns['wfls_2fa_status'] = esc_html__('2FA Status', 'wordfence-2fa');
495	}
496
497	+ if (Controller_Settings::shared()->are_login_history_columns_enabled() && Controller_Permissions::shared()->can_manage_settings(wp_get_current_user())) {
498	$columns['wfls_last_login'] = esc_html__('Last Login', 'wordfence-2fa');
499	if (Controller_CAPTCHA::shared()->enabled()) {
500	$columns['wfls_last_captcha'] = esc_html__('Last CAPTCHA', 'wordfence-2fa');

518	$value = wp_kses(__('Inactive<small class="wfls-sub-status">(Grace Period)</small>', 'wordfence-2fa'), array('small'=>array('class'=>array())));
519	}
520	elseif (($requires2fa && !$has2fa)) {
521	+ $value = wp_kses($inGracePeriod === null ? __('Locked Out<small class="wfls-sub-status">(Grace Period Disabled)</small>', 'wordfence-2fa') : __('Locked Out<small class="wfls-sub-status">(Grace Period Exceeded)</small>', 'wordfence-2fa'), array('small'=>array('class'=>array())));
522	}
523	else {
524	$value = esc_html__('Inactive', 'wordfence-2fa');

modules/login-security/classes/controller/wordfencels.php CHANGED Viewed

	@@ -82,13 +82,13 @@ class Controller_WordfenceLS {
82	\wfModuleController::shared()->addOptionIndex('wfls-option-allow-remember', __('Login Security: Allow remembering device for 30 days', 'wordfence-2fa'));
83	\wfModuleController::shared()->addOptionIndex('wfls-option-require-2fa-xml-rpc', __('Login Security: Require 2FA for XML-RPC call authentication', 'wordfence-2fa'));
84	\wfModuleController::shared()->addOptionIndex('wfls-option-disable-xml-rpc', __('Login Security: Disable XML-RPC authentication', 'wordfence-2fa'));
85	- \wfModuleController::shared()->addOptionIndex('wfls-option-whitelist-2fa', __('Login Security: Allowlisted IP addresses that bypass 2FA', 'wordfence-2fa'));
86	\wfModuleController::shared()->addOptionIndex('wfls-option-enable-captcha', __('Login Security: Enable reCAPTCHA on the login and user registration pages', 'wordfence-2fa'));
87
88	- $title = __('Login Security Options', 'wordfence-ls');
89	- $description = __('Login Security options are available on the Login Security options page', 'wordfence-ls');
90	$url = esc_url(network_admin_url('admin.php?page=WFLS#top#settings'));
91	- $link = __('Login Security Options', 'wordfence');;
92	\wfModuleController::shared()->addOptionBlock(<<<END
93	<div class="wf-row">
94	<div class="wf-col-xs-12">
	@@ -319,9 +319,9 @@ END
319	wp_localize_script('wordfence-ls-admin', 'WFLSVars', array(
320	'ajaxurl' => admin_url('admin-ajax.php'),
321	'nonce' => wp_create_nonce('wp-ajax'),
322	- 'modalTemplate' => Model_View::create('common/modal-prompt', array('title' => '${title}', 'message' => '${message}', 'primaryButton' => array('id' => 'wfls-generic-modal-close', 'label' => __('Close', 'wordfence'), 'link' => '#')))->render(),
323	- 'tokenInvalidTemplate' => Model_View::create('common/modal-prompt', array('title' => '${title}', 'message' => '${message}', 'primaryButton' => array('id' => 'wfls-token-invalid-modal-reload', 'label' => __('Reload', 'wordfence'), 'link' => '#')))->render(),
324	- 'modalHTMLTemplate' => Model_View::create('common/modal-prompt', array('title' => '${title}', 'message' => '{{html message}}', 'primaryButton' => array('id' => 'wfls-generic-modal-close', 'label' => __('Close', 'wordfence'), 'link' => '#')))->render(),
325	));
326	}
327	else {
	@@ -367,7 +367,7 @@ END
367	<h2 id="wfls-user-settings"><?php esc_html_e('Wordfence Login Security', 'wordfence-2fa'); ?></h2>
368	<table class="form-table">
369	<tr id="wordfence-ls">
370	- <th><label for="wordfence-ls-btn"><?php esc_html_e('2FA Status'); ?></label></th>
371	<td>
372	<?php if ($userAllowed2fa): ?>
373	<p>
	@@ -546,9 +546,9 @@ END
546	'ip' => Model_Request::current()->ip(),
547	'canEnable2FA' => Controller_Users::shared()->can_activate_2fa($user),
548	));
549	- wp_mail($user->user_email, __('Login Verification Required', 'wordfence-ls'), $view->render(), "Content-Type: text/html");
550
551	- return new \WP_Error('wfls_captcha_verify', wp_kses(__('<strong>VERIFICATION REQUIRED</strong>: Additional verification is required for login. Please check the email address associated with the account for a verification link.', 'wordfence-ls'), array('strong'=>array())));
552	}
553	//else -- Can't generate payload due to host failure, allow it to proceed
554	}
	@@ -871,7 +871,7 @@ END
871	else {
872	$sections[] = array(
873	'tab' => new Model_Tab('manage', 'manage', __('Two-Factor Authentication', 'wordfence-2fa'), __('Two-Factor Authentication', 'wordfence-2fa')),
874	- 'title' => new Model_Title('manage', __('Two-Factor Authentication', 'wordfence-2fa'), Controller_Support::supportURL(Controller_Support::ITEM_MODULE_LOGIN_SECURITY_2FA), new Model_HTML(wp_kses(__('Learn more<span class="wfls-hidden-xs"> about Two-Factor Authentication</span>', 'wordfence'), array('span'=>array('class'=>array()))))),
875	'content' => new Model_View('page/manage', array(
876	'user' => $user,
877	'canEditUsers' => $canEditUsers,
	@@ -881,7 +881,7 @@ END
881	if ($administrator) {
882	$sections[] = array(
883	'tab' => new Model_Tab('settings', 'settings', __('Settings', 'wordfence-2fa'), __('Settings', 'wordfence-2fa')),
884	- 'title' => new Model_Title('settings', __('Login Security Settings', 'wordfence-2fa'), Controller_Support::supportURL(Controller_Support::ITEM_MODULE_LOGIN_SECURITY), new Model_HTML(wp_kses(__('Learn more<span class="wfls-hidden-xs"> about Login Security</span>', 'wordfence'), array('span'=>array('class'=>array()))))),
885	'content' => new Model_View('page/settings', array(
886	'hasWoocommerce' => $this->has_woocommerce()
887	)),
	@@ -907,18 +907,18 @@ END
907	if ($requireCaptcha) {
908	if ($token === null && !$captchaController->test_mode()) {
909	return array(
910	- 'message' => wp_kses(__('<strong>REGISTRATION ATTEMPT BLOCKED</strong>: This site requires a security token created when the page loads for all registration attempts. Please ensure JavaScript is enabled and try again.', 'wordfence-ls'), array('strong'=>array())),
911	'category' => 'wfls_captcha_required'
912	);
913	}
914	$score = $captchaController->score($token);
915	if ($score === false && !$captchaController->test_mode()) {
916	return array(
917	- 'message' => wp_kses(__('<strong>REGISTRATION ATTEMPT BLOCKED</strong>: The security token for the login attempt was invalid or expired. Please reload the page and try again.', 'wordfence-ls'), array('strong'=>array())),
918	'category' => 'wfls_captcha_required'
919	);
920	}
921	- Controller_Users::shared()->record_captcha_score(null, $~~token~~);
922	if (!$captchaController->is_human($score)) {
923	$encryptedIP = Model_Symmetric::encrypt(Model_Request::current()->ip());
924	$encryptedScore = Model_Symmetric::encrypt($score);
	@@ -927,10 +927,10 @@ END
927	);
928	if ($encryptedIP && $encryptedScore && filter_var(get_site_option('admin_email'), FILTER_VALIDATE_EMAIL)) {
929	$jwt = new Model_JWT(array('ip' => $encryptedIP, 'score' => $encryptedScore), Controller_Time::time() + 600);
930	- $result['message'] = wp_kses(sprintf(__('<strong>REGISTRATION BLOCKED</strong>: The registration request was blocked because it was flagged as spam. Please try again or <a href="#" class="wfls-registration-captcha-contact" data-token="%s">contact the site owner</a> for help.', 'wordfence-ls'), esc_attr((string)$jwt)), array('strong'=>array(), 'a'=>array('href'=>array(), 'class'=>array(), 'data-token'=>array())));
931	}
932	else {
933	- $result['message'] = wp_kses(__('<strong>REGISTRATION BLOCKED</strong>: The registration request was blocked because it was flagged as spam. Please try again or contact the site owner for help.', 'wordfence-ls'), array('strong'=>array()));
934	}
935	return $result;
936	}


82	\wfModuleController::shared()->addOptionIndex('wfls-option-allow-remember', __('Login Security: Allow remembering device for 30 days', 'wordfence-2fa'));
83	\wfModuleController::shared()->addOptionIndex('wfls-option-require-2fa-xml-rpc', __('Login Security: Require 2FA for XML-RPC call authentication', 'wordfence-2fa'));
84	\wfModuleController::shared()->addOptionIndex('wfls-option-disable-xml-rpc', __('Login Security: Disable XML-RPC authentication', 'wordfence-2fa'));
85	+ \wfModuleController::shared()->addOptionIndex('wfls-option-whitelist-2fa', __('Login Security: Allowlisted IP addresses that bypass 2FA and reCAPTCHA', 'wordfence-2fa'));
86	\wfModuleController::shared()->addOptionIndex('wfls-option-enable-captcha', __('Login Security: Enable reCAPTCHA on the login and user registration pages', 'wordfence-2fa'));
87
88	+ $title = __('Login Security Options', 'wordfence-2fa');
89	+ $description = __('Login Security options are available on the Login Security options page', 'wordfence-2fa');
90	$url = esc_url(network_admin_url('admin.php?page=WFLS#top#settings'));
91	+ $link = __('Login Security Options', 'wordfence-2fa');;
92	\wfModuleController::shared()->addOptionBlock(<<<END
93	<div class="wf-row">
94	<div class="wf-col-xs-12">

319	wp_localize_script('wordfence-ls-admin', 'WFLSVars', array(
320	'ajaxurl' => admin_url('admin-ajax.php'),
321	'nonce' => wp_create_nonce('wp-ajax'),
322	+ 'modalTemplate' => Model_View::create('common/modal-prompt', array('title' => '${title}', 'message' => '${message}', 'primaryButton' => array('id' => 'wfls-generic-modal-close', 'label' => __('Close', 'wordfence-2fa'), 'link' => '#')))->render(),
323	+ 'tokenInvalidTemplate' => Model_View::create('common/modal-prompt', array('title' => '${title}', 'message' => '${message}', 'primaryButton' => array('id' => 'wfls-token-invalid-modal-reload', 'label' => __('Reload', 'wordfence-2fa'), 'link' => '#')))->render(),
324	+ 'modalHTMLTemplate' => Model_View::create('common/modal-prompt', array('title' => '${title}', 'message' => '{{html message}}', 'primaryButton' => array('id' => 'wfls-generic-modal-close', 'label' => __('Close', 'wordfence-2fa'), 'link' => '#')))->render(),
325	));
326	}
327	else {

367	<h2 id="wfls-user-settings"><?php esc_html_e('Wordfence Login Security', 'wordfence-2fa'); ?></h2>
368	<table class="form-table">
369	<tr id="wordfence-ls">
370	+ <th><label for="wordfence-ls-btn"><?php esc_html_e('2FA Status', 'wordfence-2fa'); ?></label></th>
371	<td>
372	<?php if ($userAllowed2fa): ?>
373	<p>

546	'ip' => Model_Request::current()->ip(),
547	'canEnable2FA' => Controller_Users::shared()->can_activate_2fa($user),
548	));
549	+ wp_mail($user->user_email, __('Login Verification Required', 'wordfence-2fa'), $view->render(), "Content-Type: text/html");
550
551	+ return new \WP_Error('wfls_captcha_verify', wp_kses(__('<strong>VERIFICATION REQUIRED</strong>: Additional verification is required for login. Please check the email address associated with the account for a verification link.', 'wordfence-2fa'), array('strong'=>array())));
552	}
553	//else -- Can't generate payload due to host failure, allow it to proceed
554	}

871	else {
872	$sections[] = array(
873	'tab' => new Model_Tab('manage', 'manage', __('Two-Factor Authentication', 'wordfence-2fa'), __('Two-Factor Authentication', 'wordfence-2fa')),
874	+ 'title' => new Model_Title('manage', __('Two-Factor Authentication', 'wordfence-2fa'), Controller_Support::supportURL(Controller_Support::ITEM_MODULE_LOGIN_SECURITY_2FA), new Model_HTML(wp_kses(__('Learn more<span class="wfls-hidden-xs"> about Two-Factor Authentication</span>', 'wordfence-2fa'), array('span'=>array('class'=>array()))))),
875	'content' => new Model_View('page/manage', array(
876	'user' => $user,
877	'canEditUsers' => $canEditUsers,

881	if ($administrator) {
882	$sections[] = array(
883	'tab' => new Model_Tab('settings', 'settings', __('Settings', 'wordfence-2fa'), __('Settings', 'wordfence-2fa')),
884	+ 'title' => new Model_Title('settings', __('Login Security Settings', 'wordfence-2fa'), Controller_Support::supportURL(Controller_Support::ITEM_MODULE_LOGIN_SECURITY), new Model_HTML(wp_kses(__('Learn more<span class="wfls-hidden-xs"> about Login Security</span>', 'wordfence-2fa'), array('span'=>array('class'=>array()))))),
885	'content' => new Model_View('page/settings', array(
886	'hasWoocommerce' => $this->has_woocommerce()
887	)),

907	if ($requireCaptcha) {
908	if ($token === null && !$captchaController->test_mode()) {
909	return array(
910	+ 'message' => wp_kses(__('<strong>REGISTRATION ATTEMPT BLOCKED</strong>: This site requires a security token created when the page loads for all registration attempts. Please ensure JavaScript is enabled and try again.', 'wordfence-2fa'), array('strong'=>array())),
911	'category' => 'wfls_captcha_required'
912	);
913	}
914	$score = $captchaController->score($token);
915	if ($score === false && !$captchaController->test_mode()) {
916	return array(
917	+ 'message' => wp_kses(__('<strong>REGISTRATION ATTEMPT BLOCKED</strong>: The security token for the login attempt was invalid or expired. Please reload the page and try again.', 'wordfence-2fa'), array('strong'=>array())),
918	'category' => 'wfls_captcha_required'
919	);
920	}
921	+ Controller_Users::shared()->record_captcha_score(null, $score);
922	if (!$captchaController->is_human($score)) {
923	$encryptedIP = Model_Symmetric::encrypt(Model_Request::current()->ip());
924	$encryptedScore = Model_Symmetric::encrypt($score);

927	);
928	if ($encryptedIP && $encryptedScore && filter_var(get_site_option('admin_email'), FILTER_VALIDATE_EMAIL)) {
929	$jwt = new Model_JWT(array('ip' => $encryptedIP, 'score' => $encryptedScore), Controller_Time::time() + 600);
930	+ $result['message'] = wp_kses(sprintf(__('<strong>REGISTRATION BLOCKED</strong>: The registration request was blocked because it was flagged as spam. Please try again or <a href="#" class="wfls-registration-captcha-contact" data-token="%s">contact the site owner</a> for help.', 'wordfence-2fa'), esc_attr((string)$jwt)), array('strong'=>array(), 'a'=>array('href'=>array(), 'class'=>array(), 'data-token'=>array())));
931	}
932	else {
933	+ $result['message'] = wp_kses(__('<strong>REGISTRATION BLOCKED</strong>: The registration request was blocked because it was flagged as spam. Please try again or contact the site owner for help.', 'wordfence-2fa'), array('strong'=>array()));
934	}
935	return $result;
936	}

modules/login-security/css/{admin-global.1652811581.css → admin-global.1655226500.css} RENAMED Viewed

File without changes

modules/login-security/css/{admin.1652811581.css → admin.1655226500.css} RENAMED Viewed

File without changes

modules/login-security/css/{colorbox.1652811581.css → colorbox.1655226500.css} RENAMED Viewed

File without changes

modules/login-security/css/{font-awesome.1652811581.css → font-awesome.1655226500.css} RENAMED Viewed

File without changes

modules/login-security/css/{ionicons.1652811581.css → ionicons.1655226500.css} RENAMED Viewed

File without changes

modules/login-security/css/{jquery-ui.min.1652811581.css → jquery-ui.min.1655226500.css} RENAMED Viewed

File without changes

modules/login-security/css/{jquery-ui.structure.min.1652811581.css → jquery-ui.structure.min.1655226500.css} RENAMED Viewed

File without changes

modules/login-security/css/{jquery-ui.theme.min.1652811581.css → jquery-ui.theme.min.1655226500.css} RENAMED Viewed

File without changes

modules/login-security/css/{login.1652811581.css → login.1655226500.css} RENAMED Viewed

File without changes

modules/login-security/js/{admin-global.1652811581.js → admin-global.1655226500.js} RENAMED Viewed

File without changes

modules/login-security/js/{admin.1652811581.js → admin.1655226500.js} RENAMED Viewed

File without changes

modules/login-security/js/{jquery.colorbox.1652811581.js → jquery.colorbox.1655226500.js} RENAMED Viewed

File without changes

modules/login-security/js/{jquery.colorbox.min.1652811581.js → jquery.colorbox.min.1655226500.js} RENAMED Viewed

File without changes

modules/login-security/js/{jquery.qrcode.min.1652811581.js → jquery.qrcode.min.1655226500.js} RENAMED Viewed

File without changes

modules/login-security/js/{jquery.tmpl.min.1652811581.js → jquery.tmpl.min.1655226500.js} RENAMED Viewed

File without changes

modules/login-security/js/{login.1652811581.js → login.1655226500.js} RENAMED Viewed

	@@ -340,7 +340,7 @@
340	var overlay = $('<div id="wfls-prompt-overlay"></div>');
341	var wrapper = $('<div id="wfls-prompt-wrapper"></div>');
342	var label = $('<p><label for="wfls-token">2FA Code <a href="javascript:void(0)" class="wfls-2fa-code-help wfls-tooltip-trigger" title="The 2FA Code can be found within the authenticator app you used when first activating two-factor authentication. You may also use one of your recovery codes."><i class="dashicons dashicons-editor-help"></i></a></label></p>');
343	- var field = $('<p><input type="text" name="wfls-token" id="wfls-token" aria-describedby="wfls-token-error" class="input" value="" size="6" autocomplete="~~off~~"/></p>');
344	var remember = $('<p class="wfls-remember-device-wrapper"><label for="wfls-remember-device"><input name="wfls-remember-device" type="checkbox" id="wfls-remember-device" value="1" /> Remember for 30 days</label></p>');
345	var button = $('<p class="submit"><input type="submit" name="wfls-token-submit" id="wfls-token-submit" class="button button-primary button-large" value="Log In"/></p>');
346	wrapper.append(label);


340	var overlay = $('<div id="wfls-prompt-overlay"></div>');
341	var wrapper = $('<div id="wfls-prompt-wrapper"></div>');
342	var label = $('<p><label for="wfls-token">2FA Code <a href="javascript:void(0)" class="wfls-2fa-code-help wfls-tooltip-trigger" title="The 2FA Code can be found within the authenticator app you used when first activating two-factor authentication. You may also use one of your recovery codes."><i class="dashicons dashicons-editor-help"></i></a></label></p>');
343	+ var field = $('<p><input type="text" name="wfls-token" id="wfls-token" aria-describedby="wfls-token-error" class="input" value="" size="6" autocomplete="one-time-code"/></p>');
344	var remember = $('<p class="wfls-remember-device-wrapper"><label for="wfls-remember-device"><input name="wfls-remember-device" type="checkbox" id="wfls-remember-device" value="1" /> Remember for 30 days</label></p>');
345	var button = $('<p class="submit"><input type="submit" name="wfls-token-submit" id="wfls-token-submit" class="button button-primary button-large" value="Log In"/></p>');
346	wrapper.append(label);

modules/login-security/views/email/login-verification.php CHANGED Viewed

	@@ -8,15 +8,15 @@ if (!defined('WORDFENCE_LS_VERSION')) { exit; }
8	* @var bool $canEnable2FA Whether or not the user this is being sent to can enable 2FA. Optional
9	*/
10	?>
11	- <strong><?php echo wp_kses(sprintf(__('Please verify a login attempt for your account on <a href="%s"><strong>%s</strong></a>.', 'wordfence-ls'), esc_url($siteURL), $siteName), array('a'=>array('href'=>array()), 'strong'=>array())); ?></strong>
12	<br><br>
13	- <?php echo '<strong>' . esc_html__('Request Time:', 'wordfence-ls') . '</strong> ' . esc_html(\WordfenceLS\Controller_Time::format_local_time('F j, Y h:i:s A')); ?><br>
14	- <?php echo '<strong>' . esc_html__('IP:', 'wordfence-ls') . '</strong> ' . esc_html($ip); ?>
15	<br><br>
16	- <?php echo wp_kses(__('The request was flagged as suspicious, and we need verification that you attempted to log in to allow it to proceed. This verification link <b>will be valid for 15 minutes</b> from the time it was sent. If you did not attempt this login, please change your password immediately.', 'wordfence-ls'), array('b'=>array())); ?>
17	<br><br>
18	<?php if (isset($canEnable2FA) && $canEnable2FA): ?>
19	- <?php esc_html_e('You may bypass this verification step permanently by enabling two-factor authentication on your account.', 'wordfence-ls'); ?>
20	<br><br>
21	<?php endif; ?>
22	- <?php echo wp_kses(sprintf(__('<a href="%s"><b>Verify and Log In</b></a>', 'wordfence-ls'), esc_url($verificationURL)), array('a'=>array('href'=>array()), 'b'=>array())); ?>


8	* @var bool $canEnable2FA Whether or not the user this is being sent to can enable 2FA. Optional
9	*/
10	?>
11	+ <strong><?php echo wp_kses(sprintf(__('Please verify a login attempt for your account on <a href="%s"><strong>%s</strong></a>.', 'wordfence-2fa'), esc_url($siteURL), $siteName), array('a'=>array('href'=>array()), 'strong'=>array())); ?></strong>
12	<br><br>
13	+ <?php echo '<strong>' . esc_html__('Request Time:', 'wordfence-2fa') . '</strong> ' . esc_html(\WordfenceLS\Controller_Time::format_local_time('F j, Y h:i:s A')); ?><br>
14	+ <?php echo '<strong>' . esc_html__('IP:', 'wordfence-2fa') . '</strong> ' . esc_html($ip); ?>
15	<br><br>
16	+ <?php echo wp_kses(__('The request was flagged as suspicious, and we need verification that you attempted to log in to allow it to proceed. This verification link <b>will be valid for 15 minutes</b> from the time it was sent. If you did not attempt this login, please change your password immediately.', 'wordfence-2fa'), array('b'=>array())); ?>
17	<br><br>
18	<?php if (isset($canEnable2FA) && $canEnable2FA): ?>
19	+ <?php esc_html_e('You may bypass this verification step permanently by enabling two-factor authentication on your account.', 'wordfence-2fa'); ?>
20	<br><br>
21	<?php endif; ?>
22	+ <?php echo wp_kses(sprintf(__('<a href="%s"><b>Verify and Log In</b></a>', 'wordfence-2fa'), esc_url($verificationURL)), array('a'=>array('href'=>array()), 'b'=>array())); ?>

modules/login-security/views/manage/activate.php CHANGED Viewed

	@@ -122,8 +122,8 @@ if (!defined('WORDFENCE_LS_VERSION')) { exit; }
122	echo \WordfenceLS\Model_View::create('common/modal-prompt', array(
123	'title' => __('Download Recovery Codes', 'wordfence-2fa'),
124	'message' => __('Reminder: If you lose access to your authenticator device, you can use recovery codes to log in. If you have not saved a copy of your recovery codes, we recommend downloading them now.', 'wordfence-2fa'),
125	- 'primaryButton' => array('id' => 'wfls-recovery-skipped-download', 'label' => __('Download', 'wordfence'), 'link' => '#'),
126	- 'secondaryButtons' => array(array('id' => 'wfls-recovery-skipped-skip', 'label' => __('Skip', 'wordfence'), 'link' => '#')),
127	))->render();
128	?>
129	</script>


122	echo \WordfenceLS\Model_View::create('common/modal-prompt', array(
123	'title' => __('Download Recovery Codes', 'wordfence-2fa'),
124	'message' => __('Reminder: If you lose access to your authenticator device, you can use recovery codes to log in. If you have not saved a copy of your recovery codes, we recommend downloading them now.', 'wordfence-2fa'),
125	+ 'primaryButton' => array('id' => 'wfls-recovery-skipped-download', 'label' => __('Download', 'wordfence-2fa'), 'link' => '#'),
126	+ 'secondaryButtons' => array(array('id' => 'wfls-recovery-skipped-skip', 'label' => __('Skip', 'wordfence-2fa'), 'link' => '#')),
127	))->render();
128	?>
129	</script>

modules/login-security/views/manage/code.php CHANGED Viewed

	@@ -10,7 +10,7 @@ if (!defined('WORDFENCE_LS_VERSION')) { exit; }
10	<div class="wfls-block-header wfls-block-header-border-bottom">
11	<div class="wfls-block-header-content">
12	<div class="wfls-block-title">
13	- <strong><?php esc_html_e('1. Scan Code or Enter Key', 'wordfence'); ?></strong>
14	</div>
15	</div>
16	</div>


10	<div class="wfls-block-header wfls-block-header-border-bottom">
11	<div class="wfls-block-header-content">
12	<div class="wfls-block-title">
13	+ <strong><?php esc_html_e('1. Scan Code or Enter Key', 'wordfence-2fa'); ?></strong>
14	</div>
15	</div>
16	</div>

modules/login-security/views/manage/deactivate.php CHANGED Viewed

	@@ -26,10 +26,10 @@ if ($ownUser->ID == $user->ID) {
26	<script type="text/x-jquery-template" id="wfls-tmpl-deactivate-prompt">
27	<?php
28	echo \WordfenceLS\Model_View::create('common/modal-prompt', array(
29	- 'title' => __('Deactivate 2FA', 'wordfence'),
30	- 'message' => __('Are you sure you want to deactivate two-factor authentication?'),
31	- 'primaryButton' => array('id' => 'wfls-deactivate-prompt-cancel', 'label' => __('Cancel', 'wordfence'), 'link' => '#'),
32	- 'secondaryButtons' => array(array('id' => 'wfls-deactivate-prompt-confirm', 'label' => __('Deactivate', 'wordfence'), 'link' => '#')),
33	))->render();
34	?>
35	</script>


26	<script type="text/x-jquery-template" id="wfls-tmpl-deactivate-prompt">
27	<?php
28	echo \WordfenceLS\Model_View::create('common/modal-prompt', array(
29	+ 'title' => __('Deactivate 2FA', 'wordfence-2fa'),
30	+ 'message' => __('Are you sure you want to deactivate two-factor authentication?', 'wordfence-2fa'),
31	+ 'primaryButton' => array('id' => 'wfls-deactivate-prompt-cancel', 'label' => __('Cancel', 'wordfence-2fa'), 'link' => '#'),
32	+ 'secondaryButtons' => array(array('id' => 'wfls-deactivate-prompt-confirm', 'label' => __('Deactivate', 'wordfence-2fa'), 'link' => '#')),
33	))->render();
34	?>
35	</script>

modules/login-security/views/manage/regenerate.php CHANGED Viewed

	@@ -21,10 +21,10 @@ if (!defined('WORDFENCE_LS_VERSION')) { exit; }
21	<script type="text/x-jquery-template" id="wfls-tmpl-recovery-prompt">
22	<?php
23	echo \WordfenceLS\Model_View::create('common/modal-prompt', array(
24	- 'title' => __('Generate New Recovery Codes', 'wordfence'),
25	- 'message' => __('Are you sure you want to generate new recovery codes? Any remaining unused codes will be disabled.'),
26	- 'primaryButton' => array('id' => 'wfls-recovery-prompt-cancel', 'label' => __('Cancel', 'wordfence'), 'link' => '#'),
27	- 'secondaryButtons' => array(array('id' => 'wfls-recovery-prompt-confirm', 'label' => __('Generate', 'wordfence'), 'link' => '#')),
28	))->render();
29	?>
30	</script>


21	<script type="text/x-jquery-template" id="wfls-tmpl-recovery-prompt">
22	<?php
23	echo \WordfenceLS\Model_View::create('common/modal-prompt', array(
24	+ 'title' => __('Generate New Recovery Codes', 'wordfence-2fa'),
25	+ 'message' => __('Are you sure you want to generate new recovery codes? Any remaining unused codes will be disabled.', 'wordfence-2fa'),
26	+ 'primaryButton' => array('id' => 'wfls-recovery-prompt-cancel', 'label' => __('Cancel', 'wordfence-2fa'), 'link' => '#'),
27	+ 'secondaryButtons' => array(array('id' => 'wfls-recovery-prompt-confirm', 'label' => __('Generate', 'wordfence-2fa'), 'link' => '#')),
28	))->render();
29	?>
30	</script>

modules/login-security/views/options/option-captcha-threshold.php CHANGED Viewed

	@@ -45,7 +45,7 @@ $selectOptions = array(
45	<li class="wfls-option-spacer"></li>
46	<li>
47	<canvas id="wfls-recaptcha-score-history"></canvas>
48	- <div class="wfls-center"><a href="#" id="wfls-reset-recaptcha-score-stats" class="wfls-text-small"><?php esc_html_e('Reset Score Statistics', 'wordfence'); ?></a></div>
49	</li>
50	</ul>
51	</li>
	@@ -132,4 +132,4 @@ $selectOptions = array(
132	}
133	});
134	})(jQuery);
135	- </script>


45	<li class="wfls-option-spacer"></li>
46	<li>
47	<canvas id="wfls-recaptcha-score-history"></canvas>
48	+ <div class="wfls-center"><a href="#" id="wfls-reset-recaptcha-score-stats" class="wfls-text-small"><?php esc_html_e('Reset Score Statistics', 'wordfence-2fa'); ?></a></div>
49	</li>
50	</ul>
51	</li>

132	}
133	});
134	})(jQuery);
135	+ </script>

modules/login-security/views/options/option-captcha.php CHANGED Viewed

	@@ -17,9 +17,9 @@ $secretValue = \WordfenceLS\Controller_Settings::shared()->get($secretOptionName
17	<li class="wfls-option-title">
18	<ul class="wfls-flex-vertical wfls-flex-align-left">
19	<li>
20	- <strong id="wfls-enable-auth-captcha-label"><?php esc_html_e('Enable reCAPTCHA on the login and user registration pages', 'wordfence-ls'); ?></strong>
21	</li>
22	- <li class="wfls-option-subtitle"><?php printf(__('reCAPTCHA v3 does not make users solve puzzles or click a checkbox like previous versions. The only visible part is the reCAPTCHA logo. If a visitor\'s browser fails the CAPTCHA, Wordfence will send an email to the user\'s address with a link they can click to verify that they are a user of your site. You can read further details <a href="%s" target="_blank" rel="noopener noreferrer">in our documentation</a>.', 'wordfence-ls'), \WordfenceLS\Controller_Support::esc_supportURL(\WordfenceLS\Controller_Support::ITEM_MODULE_LOGIN_SECURITY_CAPTCHA)); ?></li>
23	</ul>
24	</li>
25	</ul>
	@@ -30,11 +30,11 @@ $secretValue = \WordfenceLS\Controller_Settings::shared()->get($secretOptionName
30	<li>
31	<table>
32	<tr class="wfls-option wfls-option-text" data-original-value="<?php echo esc_attr($siteKeyValue); ?>" data-text-option="<?php echo esc_attr($siteKeyOptionName); ?>">
33	- <th id="wfls-enable-captcha-site-key-label" class="wfls-padding-add-bottom"><?php esc_html_e('reCAPTCHA v3 Site Key', 'wordfence-ls'); ?></th>
34	<td class="wfls-option-text wfls-padding-add-bottom"><input type="text" name="recaptchaSiteKey" id="input-recaptchaSiteKey" class="wfls-form-control" value="<?php echo esc_attr($siteKeyValue); ?>"<?php if (!$currentEnableValue) { echo ' disabled'; } ?>></td>
35	</tr>
36	<tr class="wfls-option wfls-option-text" data-original-value="<?php echo esc_attr($secretValue); ?>" data-text-option="<?php echo esc_attr($secretOptionName); ?>">
37	- <th id="wfls-enable-captcha-secret-label"><?php esc_html_e('reCAPTCHA v3 Secret', 'wordfence-ls'); ?></th>
38	<td class="wfls-option-text"><input type="text" name="recaptchaSecret" id="input-recaptchaSecret" class="wfls-form-control" value="<?php echo esc_attr($secretValue); ?>"<?php if (!$currentEnableValue) { echo ' disabled'; } ?>></td>
39	</tr>
40	</table>
	@@ -44,7 +44,7 @@ $secretValue = \WordfenceLS\Controller_Settings::shared()->get($secretOptionName
44	<li class="wfls-option-spacer"></li>
45	<li class="wfls-option-title">
46	<ul class="wfls-flex-vertical wfls-flex-align-left">
47	- <li class="wfls-option-subtitle"><?php echo wp_kses(__('Note: This feature requires a free site key and secret for the <a href="https://www.google.com/recaptcha/about/" target="_blank" rel="noopener noreferrer">Google reCAPTCHA v3 Service</a>. To set up new reCAPTCHA keys, log into your Google account and go to the <a href="https://www.google.com/recaptcha/admin" target="_blank" rel="noopener noreferrer">reCAPTCHA admin page</a>.', 'wordfence-ls'), array('a'=>array('href'=>array(), 'target'=>array(), 'rel'=>array()))); ?></li>
48	</ul>
49	</li>
50	</ul>


17	<li class="wfls-option-title">
18	<ul class="wfls-flex-vertical wfls-flex-align-left">
19	<li>
20	+ <strong id="wfls-enable-auth-captcha-label"><?php esc_html_e('Enable reCAPTCHA on the login and user registration pages', 'wordfence-2fa'); ?></strong>
21	</li>
22	+ <li class="wfls-option-subtitle"><?php printf(__('reCAPTCHA v3 does not make users solve puzzles or click a checkbox like previous versions. The only visible part is the reCAPTCHA logo. If a visitor\'s browser fails the CAPTCHA, Wordfence will send an email to the user\'s address with a link they can click to verify that they are a user of your site. You can read further details <a href="%s" target="_blank" rel="noopener noreferrer">in our documentation</a>.', 'wordfence-2fa'), \WordfenceLS\Controller_Support::esc_supportURL(\WordfenceLS\Controller_Support::ITEM_MODULE_LOGIN_SECURITY_CAPTCHA)); ?></li>
23	</ul>
24	</li>
25	</ul>

30	<li>
31	<table>
32	<tr class="wfls-option wfls-option-text" data-original-value="<?php echo esc_attr($siteKeyValue); ?>" data-text-option="<?php echo esc_attr($siteKeyOptionName); ?>">
33	+ <th id="wfls-enable-captcha-site-key-label" class="wfls-padding-add-bottom"><?php esc_html_e('reCAPTCHA v3 Site Key', 'wordfence-2fa'); ?></th>
34	<td class="wfls-option-text wfls-padding-add-bottom"><input type="text" name="recaptchaSiteKey" id="input-recaptchaSiteKey" class="wfls-form-control" value="<?php echo esc_attr($siteKeyValue); ?>"<?php if (!$currentEnableValue) { echo ' disabled'; } ?>></td>
35	</tr>
36	<tr class="wfls-option wfls-option-text" data-original-value="<?php echo esc_attr($secretValue); ?>" data-text-option="<?php echo esc_attr($secretOptionName); ?>">
37	+ <th id="wfls-enable-captcha-secret-label"><?php esc_html_e('reCAPTCHA v3 Secret', 'wordfence-2fa'); ?></th>
38	<td class="wfls-option-text"><input type="text" name="recaptchaSecret" id="input-recaptchaSecret" class="wfls-form-control" value="<?php echo esc_attr($secretValue); ?>"<?php if (!$currentEnableValue) { echo ' disabled'; } ?>></td>
39	</tr>
40	</table>

44	<li class="wfls-option-spacer"></li>
45	<li class="wfls-option-title">
46	<ul class="wfls-flex-vertical wfls-flex-align-left">
47	+ <li class="wfls-option-subtitle"><?php echo wp_kses(__('Note: This feature requires a free site key and secret for the <a href="https://www.google.com/recaptcha/about/" target="_blank" rel="noopener noreferrer">Google reCAPTCHA v3 Service</a>. To set up new reCAPTCHA keys, log into your Google account and go to the <a href="https://www.google.com/recaptcha/admin" target="_blank" rel="noopener noreferrer">reCAPTCHA admin page</a>.', 'wordfence-2fa'), array('a'=>array('href'=>array(), 'target'=>array(), 'rel'=>array()))); ?></li>
48	</ul>
49	</li>
50	</ul>

modules/login-security/views/options/option-roles.php CHANGED Viewed

	@@ -51,7 +51,7 @@ foreach ($options as $option) {
51	<li class="wfls-2fa-grace-period-container">
52	<label for="wfls-2fa-grace-period" class="wfls-primary-label"><?php esc_html_e('Grace Period', 'wordfence-2fa') ?></label>
53	<input id="wfls-2fa-grace-period" type="text" pattern="[0-9]+" value="<?php echo (int)$gracePeriod; ?>" class="wfls-option-input wfls-option-input-required" name="<?php echo esc_html(Controller_Settings::OPTION_REQUIRE_2FA_USER_GRACE_PERIOD) ?>" maxlength="2">
54	- <label for="wfls-2fa-grace-period"><?php esc_html_e('days') ?></label>
55	<div id="wfls-grace-period-zero-warning" style="display: none;">
56	<strong><?php esc_html_e('Setting the grace period to 0 will prevent users in roles where 2FA is required, including newly created users, from logging in if they have not already enabled two-factor authentication.', 'wordfence-2fa') ?></strong>
57	<a href="<?php echo esc_attr(\WordfenceLS\Controller_Support::esc_supportURL(\WordfenceLS\Controller_Support::ITEM_MODULE_LOGIN_SECURITY_ROLES)) ?>" target="_blank" rel="noopener noreferrer"><?php esc_html_e('Learn More', 'wordfence-2fa') ?></a>
	@@ -65,8 +65,8 @@ foreach ($options as $option) {
65	<option value="<?php echo esc_attr($role) ?>"><?php echo esc_html($label) ?></option>
66	<?php endforeach ?>
67	</select>
68	- <button class="wfls-btn wfls-btn-default wfls-btn-sm" id="wfls-send-grace-period-notification"><?php esc_html_e('Notify') ?></button>
69	- <small><?php esc_html_e('Send an email to users with the selected role to notify them of the grace period for enabling 2FA.') ?></small>
70	</li>
71	<?php endif ?>
72	</ul>


51	<li class="wfls-2fa-grace-period-container">
52	<label for="wfls-2fa-grace-period" class="wfls-primary-label"><?php esc_html_e('Grace Period', 'wordfence-2fa') ?></label>
53	<input id="wfls-2fa-grace-period" type="text" pattern="[0-9]+" value="<?php echo (int)$gracePeriod; ?>" class="wfls-option-input wfls-option-input-required" name="<?php echo esc_html(Controller_Settings::OPTION_REQUIRE_2FA_USER_GRACE_PERIOD) ?>" maxlength="2">
54	+ <label for="wfls-2fa-grace-period"><?php esc_html_e('days', 'wordfence-2fa') ?></label>
55	<div id="wfls-grace-period-zero-warning" style="display: none;">
56	<strong><?php esc_html_e('Setting the grace period to 0 will prevent users in roles where 2FA is required, including newly created users, from logging in if they have not already enabled two-factor authentication.', 'wordfence-2fa') ?></strong>
57	<a href="<?php echo esc_attr(\WordfenceLS\Controller_Support::esc_supportURL(\WordfenceLS\Controller_Support::ITEM_MODULE_LOGIN_SECURITY_ROLES)) ?>" target="_blank" rel="noopener noreferrer"><?php esc_html_e('Learn More', 'wordfence-2fa') ?></a>

65	<option value="<?php echo esc_attr($role) ?>"><?php echo esc_html($label) ?></option>
66	<?php endforeach ?>
67	</select>
68	+ <button class="wfls-btn wfls-btn-default wfls-btn-sm" id="wfls-send-grace-period-notification"><?php esc_html_e('Notify', 'wordfence-2fa') ?></button>
69	+ <small><?php esc_html_e('Send an email to users with the selected role to notify them of the grace period for enabling 2FA.', 'wordfence-2fa') ?></small>
70	</li>
71	<?php endif ?>
72	</ul>

modules/login-security/views/options/option-select.php CHANGED Viewed

	@@ -19,7 +19,7 @@ $id = 'wfls-option-' . preg_replace('/[^a-z0-9]/i', '-', $selectOptionName);
19	<li class="wfls-option-spacer"></li>
20	<li class="wfls-option-content">
21	<ul>
22	- <li class="wfls-option-title"><span id="<?php echo esc_attr($id); ?>-label"><?php echo esc_html($title); ?></span><?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' <a href="https://www.wordfence.com/gnl1optionUpgrade/wordfence-signup/" target="_blank" rel="noopener noreferrer" class="wfls-premium-link">' . esc_html__('Premium Feature', 'wordfence') . '</a>'; } ?><?php if (isset($helpLink)) { echo ' <a href="' . esc_attr($helpLink) . '" target="_blank" rel="noopener noreferrer" class="wfls-inline-help"><i class="' . (WORDFENCE_LS_FROM_CORE ? 'wf-fa wf-fa-question-circle-o' : 'wfls-fa wfls-fa-question-circle-o') . '" aria-hidden="true"></i></a>'; } ?></li>
23	<li class="wfls-option-select wfls-padding-add-top-xs-small">
24	<select<?php echo (!(!wfConfig::p() && isset($premium) && $premium) ? '' : ' disabled'); ?> aria-labelledby="<?php echo esc_attr($id); ?>-label">
25	<?php foreach ($selectOptions as $o): ?>


19	<li class="wfls-option-spacer"></li>
20	<li class="wfls-option-content">
21	<ul>
22	+ <li class="wfls-option-title"><span id="<?php echo esc_attr($id); ?>-label"><?php echo esc_html($title); ?></span><?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' <a href="https://www.wordfence.com/gnl1optionUpgrade/wordfence-signup/" target="_blank" rel="noopener noreferrer" class="wfls-premium-link">' . esc_html__('Premium Feature', 'wordfence-2fa') . '</a>'; } ?><?php if (isset($helpLink)) { echo ' <a href="' . esc_attr($helpLink) . '" target="_blank" rel="noopener noreferrer" class="wfls-inline-help"><i class="' . (WORDFENCE_LS_FROM_CORE ? 'wf-fa wf-fa-question-circle-o' : 'wfls-fa wfls-fa-question-circle-o') . '" aria-hidden="true"></i></a>'; } ?></li>
23	<li class="wfls-option-select wfls-padding-add-top-xs-small">
24	<select<?php echo (!(!wfConfig::p() && isset($premium) && $premium) ? '' : ' disabled'); ?> aria-labelledby="<?php echo esc_attr($id); ?>-label">
25	<?php foreach ($selectOptions as $o): ?>

modules/login-security/views/options/option-text.php CHANGED Viewed

	@@ -27,7 +27,7 @@ $id = 'wfls-option-' . preg_replace('/[^a-z0-9]/i', '-', $textOptionName);
27	<ul class="wfls-flex-vertical wfls-flex-align-left">
28	<li>
29	<?php endif; ?>
30	- <span id="<?php echo esc_attr($id); ?>-label"><?php echo esc_html($title); ?></span><?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' <a href="https://www.wordfence.com/gnl1optionUpgrade/wordfence-signup/" target="_blank" rel="noopener noreferrer" class="wfls-premium-link">' . esc_html__('Premium Feature', 'wordfence') . '</a>'; } ?><?php if (isset($helpLink)) { echo ' <a href="' . esc_attr($helpLink) . '" target="_blank" rel="noopener noreferrer" class="wfls-inline-help"><i class="' . (WORDFENCE_LS_FROM_CORE ? 'wf-fa wf-fa-question-circle-o' : 'wfls-fa wfls-fa-question-circle-o') . '" aria-hidden="true"></i></a>'; } ?>
31	<?php if (isset($subtitle)): ?>
32	</li>
33	<li class="wfls-option-subtitle"><?php echo esc_html($subtitle); ?></li>


27	<ul class="wfls-flex-vertical wfls-flex-align-left">
28	<li>
29	<?php endif; ?>
30	+ <span id="<?php echo esc_attr($id); ?>-label"><?php echo esc_html($title); ?></span><?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' <a href="https://www.wordfence.com/gnl1optionUpgrade/wordfence-signup/" target="_blank" rel="noopener noreferrer" class="wfls-premium-link">' . esc_html__('Premium Feature', 'wordfence-2fa') . '</a>'; } ?><?php if (isset($helpLink)) { echo ' <a href="' . esc_attr($helpLink) . '" target="_blank" rel="noopener noreferrer" class="wfls-inline-help"><i class="' . (WORDFENCE_LS_FROM_CORE ? 'wf-fa wf-fa-question-circle-o' : 'wfls-fa wfls-fa-question-circle-o') . '" aria-hidden="true"></i></a>'; } ?>
31	<?php if (isset($subtitle)): ?>
32	</li>
33	<li class="wfls-option-subtitle"><?php echo esc_html($subtitle); ?></li>

modules/login-security/views/options/option-toggled-boolean-switch.php CHANGED Viewed

	@@ -29,7 +29,7 @@ $id = 'wfls-option-' . preg_replace('/[^a-z0-9]/i', '-', $optionName);
29	<ul class="wfls-flex-vertical wfls-flex-align-left">
30	<li>
31	<?php endif; ?>
32	- <span id="<?php echo esc_attr($id); ?>-label"><?php echo (!empty($title)) ? esc_html($title) : ''; echo (!empty($htmlTitle)) ? wp_kses($htmlTitle, 'post') : ''; ?></span><?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' <a href="https://www.wordfence.com/gnl1optionUpgrade/wordfence-signup/" target="_blank" rel="noopener noreferrer" class="wfls-premium-link">' . esc_html__('Premium Feature', 'wordfence') . '</a>'; } ?><?php if (isset($helpLink)) { echo ' <a href="' . esc_attr($helpLink) . '" target="_blank" rel="noopener noreferrer" class="wfls-inline-help"><i class="' . (WORDFENCE_LS_FROM_CORE ? 'wf-fa wf-fa-question-circle-o' : 'wfls-fa wfls-fa-question-circle-o') . '" aria-hidden="true"></i></a>'; } ?>
33	<?php if (isset($subtitleHTML)): ?>
34	</li>
35	<li class="wfls-option-subtitle"><?php echo $subtitleHTML; ?></li>


29	<ul class="wfls-flex-vertical wfls-flex-align-left">
30	<li>
31	<?php endif; ?>
32	+ <span id="<?php echo esc_attr($id); ?>-label"><?php echo (!empty($title)) ? esc_html($title) : ''; echo (!empty($htmlTitle)) ? wp_kses($htmlTitle, 'post') : ''; ?></span><?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' <a href="https://www.wordfence.com/gnl1optionUpgrade/wordfence-signup/" target="_blank" rel="noopener noreferrer" class="wfls-premium-link">' . esc_html__('Premium Feature', 'wordfence-2fa') . '</a>'; } ?><?php if (isset($helpLink)) { echo ' <a href="' . esc_attr($helpLink) . '" target="_blank" rel="noopener noreferrer" class="wfls-inline-help"><i class="' . (WORDFENCE_LS_FROM_CORE ? 'wf-fa wf-fa-question-circle-o' : 'wfls-fa wfls-fa-question-circle-o') . '" aria-hidden="true"></i></a>'; } ?>
33	<?php if (isset($subtitleHTML)): ?>
34	</li>
35	<li class="wfls-option-subtitle"><?php echo $subtitleHTML; ?></li>

modules/login-security/views/options/option-toggled-segmented.php CHANGED Viewed

	@@ -18,7 +18,7 @@ if (!defined('WORDFENCE_LS_VERSION')) { exit; }
18	$id = 'wfls-option-' . preg_replace('/[^a-z0-9]/i', '-', $optionName);
19	?>
20	<ul id="<?php echo esc_attr($id); ?>" class="wfls-option wfls-option-toggled-segmented<?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' wfls-option-premium'; } ?>" data-option="<?php echo esc_attr($optionName); ?>" data-enabled-value="<?php echo esc_attr($enabledValue); ?>" data-disabled-value="<?php echo esc_attr($disabledValue); ?>" data-original-value="<?php echo esc_attr($value == $enabledValue ? $enabledValue : $disabledValue); ?>">
21	- <li class="wfls-option-title"><?php echo (!empty($title)) ? esc_html($title) : ''; echo (!empty($htmlTitle)) ? wp_kses($htmlTitle, 'post') : ''; ?><?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' <a href="https://www.wordfence.com/gnl1optionUpgrade/wordfence-signup/" target="_blank" rel="noopener noreferrer" class="wfls-premium-link">' . esc_html__('Premium Feature', 'wordfence') . '</a>'; } ?><?php if (isset($helpLink)) { echo ' <a href="' . esc_attr($helpLink) . '" target="_blank" rel="noopener noreferrer" class="wfls-inline-help"><i class="' . (WORDFENCE_LS_FROM_CORE ? 'wf-fa wf-fa-question-circle-o' : 'wfls-fa wfls-fa-question-circle-o') . '" aria-hidden="true"></i></a>'; } ?></li>
22	<li class="wfls-option-segments">
23	<?php
24	$onId = sanitize_key('wfls-segment-' . $optionName . '-on');


18	$id = 'wfls-option-' . preg_replace('/[^a-z0-9]/i', '-', $optionName);
19	?>
20	<ul id="<?php echo esc_attr($id); ?>" class="wfls-option wfls-option-toggled-segmented<?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' wfls-option-premium'; } ?>" data-option="<?php echo esc_attr($optionName); ?>" data-enabled-value="<?php echo esc_attr($enabledValue); ?>" data-disabled-value="<?php echo esc_attr($disabledValue); ?>" data-original-value="<?php echo esc_attr($value == $enabledValue ? $enabledValue : $disabledValue); ?>">
21	+ <li class="wfls-option-title"><?php echo (!empty($title)) ? esc_html($title) : ''; echo (!empty($htmlTitle)) ? wp_kses($htmlTitle, 'post') : ''; ?><?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' <a href="https://www.wordfence.com/gnl1optionUpgrade/wordfence-signup/" target="_blank" rel="noopener noreferrer" class="wfls-premium-link">' . esc_html__('Premium Feature', 'wordfence-2fa') . '</a>'; } ?><?php if (isset($helpLink)) { echo ' <a href="' . esc_attr($helpLink) . '" target="_blank" rel="noopener noreferrer" class="wfls-inline-help"><i class="' . (WORDFENCE_LS_FROM_CORE ? 'wf-fa wf-fa-question-circle-o' : 'wfls-fa wfls-fa-question-circle-o') . '" aria-hidden="true"></i></a>'; } ?></li>
22	<li class="wfls-option-segments">
23	<?php
24	$onId = sanitize_key('wfls-segment-' . $optionName . '-on');

modules/login-security/views/options/option-toggled-select.php CHANGED Viewed

	@@ -24,7 +24,7 @@ $selectID = 'wfls-option-' . preg_replace('/[^a-z0-9]/i', '-', $selectOptionName
24	<li id="<?php echo esc_attr($toggleID); ?>" class="wfls-option-checkbox<?php echo ($toggleValue == $enabledToggleValue ? ' wfls-checked' : ''); ?>" role="checkbox" aria-checked="<?php echo ($toggleValue == $enabledToggleValue ? 'true' : 'false'); ?>" tabindex="0"><i class="wfls-ion-ios-checkmark-empty" aria-hidden="true"></i></li>
25	<li class="wfls-option-content">
26	<ul id="<?php echo esc_attr($selectID); ?>">
27	- <li class="wfls-option-title"><span id="<?php echo esc_attr($selectID); ?>-label"><?php echo esc_html($title); ?></span><?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' <a href="https://www.wordfence.com/gnl1optionUpgrade/wordfence-signup/" target="_blank" rel="noopener noreferrer" class="wfls-premium-link">' . esc_html__('Premium Feature', 'wordfence') . '</a>'; } ?><?php if (isset($helpLink)) { echo ' <a href="' . esc_attr($helpLink) . '" target="_blank" rel="noopener noreferrer" class="wfls-inline-help"><i class="' . (WORDFENCE_LS_FROM_CORE ? 'wf-fa wf-fa-question-circle-o' : 'wfls-fa wfls-fa-question-circle-o') . '" aria-hidden="true"></i></a>'; } ?></li>
28	<li class="wfls-option-select wfls-padding-add-top-xs-small">
29	<select<?php echo ($toggleValue == $enabledToggleValue && !(!wfConfig::p() && isset($premium) && $premium) ? '' : ' disabled'); ?> aria-labelledby="<?php echo esc_attr($selectID); ?>-label">
30	<?php foreach ($selectOptions as $o): ?>


24	<li id="<?php echo esc_attr($toggleID); ?>" class="wfls-option-checkbox<?php echo ($toggleValue == $enabledToggleValue ? ' wfls-checked' : ''); ?>" role="checkbox" aria-checked="<?php echo ($toggleValue == $enabledToggleValue ? 'true' : 'false'); ?>" tabindex="0"><i class="wfls-ion-ios-checkmark-empty" aria-hidden="true"></i></li>
25	<li class="wfls-option-content">
26	<ul id="<?php echo esc_attr($selectID); ?>">
27	+ <li class="wfls-option-title"><span id="<?php echo esc_attr($selectID); ?>-label"><?php echo esc_html($title); ?></span><?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' <a href="https://www.wordfence.com/gnl1optionUpgrade/wordfence-signup/" target="_blank" rel="noopener noreferrer" class="wfls-premium-link">' . esc_html__('Premium Feature', 'wordfence-2fa') . '</a>'; } ?><?php if (isset($helpLink)) { echo ' <a href="' . esc_attr($helpLink) . '" target="_blank" rel="noopener noreferrer" class="wfls-inline-help"><i class="' . (WORDFENCE_LS_FROM_CORE ? 'wf-fa wf-fa-question-circle-o' : 'wfls-fa wfls-fa-question-circle-o') . '" aria-hidden="true"></i></a>'; } ?></li>
28	<li class="wfls-option-select wfls-padding-add-top-xs-small">
29	<select<?php echo ($toggleValue == $enabledToggleValue && !(!wfConfig::p() && isset($premium) && $premium) ? '' : ' disabled'); ?> aria-labelledby="<?php echo esc_attr($selectID); ?>-label">
30	<?php foreach ($selectOptions as $o): ?>

modules/login-security/views/options/option-toggled-sub.php CHANGED Viewed

	@@ -41,7 +41,7 @@ $subID = 'wfls-option-' . preg_replace('/[^a-z0-9]/i', '-', $subOptionName);
41	<ul id="<?php echo esc_attr($id); ?>" class="wfls-option wfls-option-toggled<?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' wfls-option-premium'; } ?>" data-option="<?php echo esc_attr($optionName); ?>" data-enabled-value="<?php echo esc_attr($enabledValue); ?>" data-disabled-value="<?php echo esc_attr($disabledValue); ?>" data-original-value="<?php echo esc_attr($value == $enabledValue ? $enabledValue : $disabledValue); ?>">
42	<li class="wfls-option-checkbox<?php echo ($value == $enabledValue ? ' wfls-checked' : ''); ?>" role="checkbox" aria-checked="<?php echo ($value == $enabledValue ? 'true' : 'false'); ?>" tabindex="0" aria-labelledby="<?php echo esc_attr($id); ?>-label"><i class="wfls-ion-ios-checkmark-empty" aria-hidden="true"></i></li>
43	<li class="wfls-option-title">
44	- <span id="<?php echo esc_attr($id); ?>-label"><?php echo $htmlTitle; ?></span><?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' <a href="https://www.wordfence.com/gnl1optionUpgrade/wordfence-signup/" target="_blank" rel="noopener noreferrer" class="wfls-premium-link">' . esc_html__('Premium Feature', 'wordfence') . '</a>'; } ?><?php if (isset($helpLink)) { echo ' <a href="' . esc_attr($helpLink) . '" target="_blank" rel="noopener noreferrer" class="wfls-inline-help"><i class="' . (WORDFENCE_LS_FROM_CORE ? 'wf-fa wf-fa-question-circle-o' : 'wfls-fa wfls-fa-question-circle-o') . '" aria-hidden="true"></i></a>'; } ?>
45	</li>
46	</ul>
47	</li>
	@@ -49,7 +49,7 @@ $subID = 'wfls-option-' . preg_replace('/[^a-z0-9]/i', '-', $subOptionName);
49	<ul id="<?php echo esc_attr($subID); ?>" class="wfls-option wfls-option-toggled<?php if (!wfConfig::p() && isset($subPremium) && $subPremium) { echo ' wfls-option-premium'; } ?>" data-option="<?php echo esc_attr($subOptionName); ?>" data-enabled-value="<?php echo esc_attr($subEnabledValue); ?>" data-disabled-value="<?php echo esc_attr($subDisabledValue); ?>" data-original-value="<?php echo esc_attr($subValue == $subEnabledValue ? $subEnabledValue : $subDisabledValue); ?>">
50	<li class="wfls-option-checkbox<?php echo ($subValue == $subEnabledValue ? ' wfls-checked' : ''); ?>" role="checkbox" aria-checked="<?php echo ($subValue == $subEnabledValue ? 'true' : 'false'); ?>" tabindex="0" aria-labelledby="<?php echo esc_attr($subID); ?>-label"><i class="wfls-ion-ios-checkmark-empty" aria-hidden="true"></i></li>
51	<li class="wfls-option-title">
52	- <span id="<?php echo esc_attr($subID); ?>-label"><?php echo $subHtmlTitle; ?></span><?php if (!wfConfig::p() && isset($subPremium) && $subPremium) { echo ' <a href="https://www.wordfence.com/gnl1optionUpgrade/wordfence-signup/" target="_blank" rel="noopener noreferrer" class="wfls-premium-link">' . esc_html__('Premium Feature', 'wordfence') . '</a>'; } ?><?php if (isset($subHelpLink)) { echo ' <a href="' . esc_attr($subHelpLink) . '" target="_blank" rel="noopener noreferrer" class="wfls-inline-help"><i class="' . (WORDFENCE_LS_FROM_CORE ? 'wf-fa wf-fa-question-circle-o' : 'wfls-fa wfls-fa-question-circle-o') . '" aria-hidden="true"></i></a>'; } ?>
53	</li>
54	</ul>
55	</li>


41	<ul id="<?php echo esc_attr($id); ?>" class="wfls-option wfls-option-toggled<?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' wfls-option-premium'; } ?>" data-option="<?php echo esc_attr($optionName); ?>" data-enabled-value="<?php echo esc_attr($enabledValue); ?>" data-disabled-value="<?php echo esc_attr($disabledValue); ?>" data-original-value="<?php echo esc_attr($value == $enabledValue ? $enabledValue : $disabledValue); ?>">
42	<li class="wfls-option-checkbox<?php echo ($value == $enabledValue ? ' wfls-checked' : ''); ?>" role="checkbox" aria-checked="<?php echo ($value == $enabledValue ? 'true' : 'false'); ?>" tabindex="0" aria-labelledby="<?php echo esc_attr($id); ?>-label"><i class="wfls-ion-ios-checkmark-empty" aria-hidden="true"></i></li>
43	<li class="wfls-option-title">
44	+ <span id="<?php echo esc_attr($id); ?>-label"><?php echo $htmlTitle; ?></span><?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' <a href="https://www.wordfence.com/gnl1optionUpgrade/wordfence-signup/" target="_blank" rel="noopener noreferrer" class="wfls-premium-link">' . esc_html__('Premium Feature', 'wordfence-2fa') . '</a>'; } ?><?php if (isset($helpLink)) { echo ' <a href="' . esc_attr($helpLink) . '" target="_blank" rel="noopener noreferrer" class="wfls-inline-help"><i class="' . (WORDFENCE_LS_FROM_CORE ? 'wf-fa wf-fa-question-circle-o' : 'wfls-fa wfls-fa-question-circle-o') . '" aria-hidden="true"></i></a>'; } ?>
45	</li>
46	</ul>
47	</li>

49	<ul id="<?php echo esc_attr($subID); ?>" class="wfls-option wfls-option-toggled<?php if (!wfConfig::p() && isset($subPremium) && $subPremium) { echo ' wfls-option-premium'; } ?>" data-option="<?php echo esc_attr($subOptionName); ?>" data-enabled-value="<?php echo esc_attr($subEnabledValue); ?>" data-disabled-value="<?php echo esc_attr($subDisabledValue); ?>" data-original-value="<?php echo esc_attr($subValue == $subEnabledValue ? $subEnabledValue : $subDisabledValue); ?>">
50	<li class="wfls-option-checkbox<?php echo ($subValue == $subEnabledValue ? ' wfls-checked' : ''); ?>" role="checkbox" aria-checked="<?php echo ($subValue == $subEnabledValue ? 'true' : 'false'); ?>" tabindex="0" aria-labelledby="<?php echo esc_attr($subID); ?>-label"><i class="wfls-ion-ios-checkmark-empty" aria-hidden="true"></i></li>
51	<li class="wfls-option-title">
52	+ <span id="<?php echo esc_attr($subID); ?>-label"><?php echo $subHtmlTitle; ?></span><?php if (!wfConfig::p() && isset($subPremium) && $subPremium) { echo ' <a href="https://www.wordfence.com/gnl1optionUpgrade/wordfence-signup/" target="_blank" rel="noopener noreferrer" class="wfls-premium-link">' . esc_html__('Premium Feature', 'wordfence-2fa') . '</a>'; } ?><?php if (isset($subHelpLink)) { echo ' <a href="' . esc_attr($subHelpLink) . '" target="_blank" rel="noopener noreferrer" class="wfls-inline-help"><i class="' . (WORDFENCE_LS_FROM_CORE ? 'wf-fa wf-fa-question-circle-o' : 'wfls-fa wfls-fa-question-circle-o') . '" aria-hidden="true"></i></a>'; } ?>
53	</li>
54	</ul>
55	</li>

modules/login-security/views/options/option-toggled-textarea.php CHANGED Viewed

	@@ -21,7 +21,7 @@ $textAreaID = 'wfls-option-' . preg_replace('/[^a-z0-9]/i', '-', $textAreaOption
21	?>
22	<ul class="wfls-option wfls-option-toggled-textarea<?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' wfls-option-premium'; } ?>" data-toggle-option="<?php echo esc_attr($toggleOptionName); ?>" data-enabled-toggle-value="<?php echo esc_attr($enabledToggleValue); ?>" data-disabled-toggle-value="<?php echo esc_attr($disabledToggleValue); ?>" data-original-toggle-value="<?php echo esc_attr($toggleValue == $enabledToggleValue ? $enabledToggleValue : $disabledToggleValue); ?>" data-text-area-option="<?php echo esc_attr($textAreaOptionName); ?>" data-original-text-area-value="<?php echo esc_attr($textAreaValue); ?>">
23	<li id="<?php echo esc_attr($toggleID); ?>" class="wfls-option-checkbox<?php echo ($toggleValue == $enabledToggleValue ? ' wfls-checked' : ''); ?>" role="checkbox" aria-checked="<?php echo ($toggleValue == $enabledToggleValue ? 'true' : 'false'); ?>" tabindex="0"><i class="wfls-ion-ios-checkmark-empty" aria-hidden="true" aria-labelledby="<?php echo esc_attr($toggleID); ?>-label"></i></li>
24	- <li class="wfls-option-title"><span id="<?php echo esc_attr($toggleID); ?>-label"><?php echo esc_html($title); ?></span><?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' <a href="https://www.wordfence.com/gnl1optionUpgrade/wordfence-signup/" target="_blank" rel="noopener noreferrer" class="wfls-premium-link">' . esc_html__('Premium Feature', 'wordfence') . '</a>'; } ?><?php if (isset($helpLink)) { echo ' <a href="' . esc_attr($helpLink) . '" target="_blank" rel="noopener noreferrer" class="wfls-inline-help"><i class="' . (WORDFENCE_LS_FROM_CORE ? 'wf-fa wf-fa-question-circle-o' : 'wfls-fa wfls-fa-question-circle-o') . '" aria-hidden="true"></i></a>'; } ?></li>
25	<li id="<?php echo esc_attr($textAreaID); ?>" class="wfls-option-textarea">
26	<select<?php echo ($toggleValue == $enabledToggleValue && !(!wfConfig::p() && isset($premium) && $premium) ? '' : ' disabled'); ?> aria-labelledby="<?php echo esc_attr($toggleID); ?>-label">
27	<textarea<?php echo (!(!wfConfig::p() && isset($premium) && $premium) ? '' : ' disabled'); ?>><?php echo esc_html($textAreaValue); ?></textarea>


21	?>
22	<ul class="wfls-option wfls-option-toggled-textarea<?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' wfls-option-premium'; } ?>" data-toggle-option="<?php echo esc_attr($toggleOptionName); ?>" data-enabled-toggle-value="<?php echo esc_attr($enabledToggleValue); ?>" data-disabled-toggle-value="<?php echo esc_attr($disabledToggleValue); ?>" data-original-toggle-value="<?php echo esc_attr($toggleValue == $enabledToggleValue ? $enabledToggleValue : $disabledToggleValue); ?>" data-text-area-option="<?php echo esc_attr($textAreaOptionName); ?>" data-original-text-area-value="<?php echo esc_attr($textAreaValue); ?>">
23	<li id="<?php echo esc_attr($toggleID); ?>" class="wfls-option-checkbox<?php echo ($toggleValue == $enabledToggleValue ? ' wfls-checked' : ''); ?>" role="checkbox" aria-checked="<?php echo ($toggleValue == $enabledToggleValue ? 'true' : 'false'); ?>" tabindex="0"><i class="wfls-ion-ios-checkmark-empty" aria-hidden="true" aria-labelledby="<?php echo esc_attr($toggleID); ?>-label"></i></li>
24	+ <li class="wfls-option-title"><span id="<?php echo esc_attr($toggleID); ?>-label"><?php echo esc_html($title); ?></span><?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' <a href="https://www.wordfence.com/gnl1optionUpgrade/wordfence-signup/" target="_blank" rel="noopener noreferrer" class="wfls-premium-link">' . esc_html__('Premium Feature', 'wordfence-2fa') . '</a>'; } ?><?php if (isset($helpLink)) { echo ' <a href="' . esc_attr($helpLink) . '" target="_blank" rel="noopener noreferrer" class="wfls-inline-help"><i class="' . (WORDFENCE_LS_FROM_CORE ? 'wf-fa wf-fa-question-circle-o' : 'wfls-fa wfls-fa-question-circle-o') . '" aria-hidden="true"></i></a>'; } ?></li>
25	<li id="<?php echo esc_attr($textAreaID); ?>" class="wfls-option-textarea">
26	<select<?php echo ($toggleValue == $enabledToggleValue && !(!wfConfig::p() && isset($premium) && $premium) ? '' : ' disabled'); ?> aria-labelledby="<?php echo esc_attr($toggleID); ?>-label">
27	<textarea<?php echo (!(!wfConfig::p() && isset($premium) && $premium) ? '' : ' disabled'); ?>><?php echo esc_html($textAreaValue); ?></textarea>

modules/login-security/views/options/option-token.php CHANGED Viewed

	@@ -22,7 +22,7 @@ $id = 'wfls-option-' . preg_replace('/[^a-z0-9]/i', '-', $tokenOptionName);
22	<ul class="wfls-flex-vertical wfls-flex-align-left">
23	<li>
24	<?php endif; ?>
25	- <span id="<?php echo esc_attr($id); ?>-label"><?php echo esc_html($title); ?></span><?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' <a href="https://www.wordfence.com/gnl1optionUpgrade/wordfence-signup/" target="_blank" rel="noopener noreferrer" class="wfls-premium-link">' . esc_html__('Premium Feature', 'wordfence') . '</a>'; } ?><?php if (isset($helpLink)) { echo ' <a href="' . esc_attr($helpLink) . '" target="_blank" rel="noopener noreferrer" class="wfls-inline-help"><i class="' . (WORDFENCE_LS_FROM_CORE ? 'wf-fa wf-fa-question-circle-o' : 'wfls-fa wfls-fa-question-circle-o') . '" aria-hidden="true"></i></a>'; } ?>
26	<?php if (isset($subtitle)): ?>
27	</li>
28	<li class="wfls-option-subtitle"><?php echo esc_html($subtitle); ?></li>


22	<ul class="wfls-flex-vertical wfls-flex-align-left">
23	<li>
24	<?php endif; ?>
25	+ <span id="<?php echo esc_attr($id); ?>-label"><?php echo esc_html($title); ?></span><?php if (!wfConfig::p() && isset($premium) && $premium) { echo ' <a href="https://www.wordfence.com/gnl1optionUpgrade/wordfence-signup/" target="_blank" rel="noopener noreferrer" class="wfls-premium-link">' . esc_html__('Premium Feature', 'wordfence-2fa') . '</a>'; } ?><?php if (isset($helpLink)) { echo ' <a href="' . esc_attr($helpLink) . '" target="_blank" rel="noopener noreferrer" class="wfls-inline-help"><i class="' . (WORDFENCE_LS_FROM_CORE ? 'wf-fa wf-fa-question-circle-o' : 'wfls-fa wfls-fa-question-circle-o') . '" aria-hidden="true"></i></a>'; } ?>
26	<?php if (isset($subtitle)): ?>
27	</li>
28	<li class="wfls-option-subtitle"><?php echo esc_html($subtitle); ?></li>

modules/login-security/views/page/role.php CHANGED Viewed

	@@ -2,7 +2,7 @@
2	if (!defined('WORDFENCE_LS_VERSION')) { exit; }
3	?>
4	<?php if (is_multisite()): ?>
5	- <p><em>(<?php esc_html_e('This page only shows users and roles on the main site of this network', 'wordfence') ?>)</em></p>
6	<?php endif ?>
7	<div class="wfls-block wfls-always-active wfls-flex-item-full-width wfls-add-bottom">
8	<?php if ($requiredAt === false): ?>
	@@ -32,7 +32,7 @@ if (!defined('WORDFENCE_LS_VERSION')) { exit; }
32	<?php if ($user->required_at): ?>
33	<?php echo esc_html(\WordfenceLS\Controller_Time::format_local_time('F j, Y g:i A', $user->required_at)) ?>
34	<?php else: ?>
35	- <?php esc_html_e('N/A', 'wordfence'); ?>
36	<?php endif ?>
37	</td>
38	</tr>
	@@ -43,7 +43,7 @@ if (!defined('WORDFENCE_LS_VERSION')) { exit; }
43	<?php if ($page > 1): ?>
44	<a href="<?php echo esc_attr(add_query_arg($pageKey, $page-1) . "#$stateKey") ?>"><span class="dashicons dashicons-arrow-left-alt2"></span></a>
45	<?php endif ?>
46	- <strong class="wfls-page-indicator"><?php esc_html_e('Page ') ?><?php echo (int) $page ?></strong>
47	<?php if (!$lastPage): ?>
48	<a href="<?php echo esc_attr(add_query_arg($pageKey, $page+1) . "#$stateKey") ?>"><span class="dashicons dashicons-arrow-right-alt2"></span></a>
49	<?php endif ?>


2	if (!defined('WORDFENCE_LS_VERSION')) { exit; }
3	?>
4	<?php if (is_multisite()): ?>
5	+ <p><em>(<?php esc_html_e('This page only shows users and roles on the main site of this network', 'wordfence-2fa') ?>)</em></p>
6	<?php endif ?>
7	<div class="wfls-block wfls-always-active wfls-flex-item-full-width wfls-add-bottom">
8	<?php if ($requiredAt === false): ?>

32	<?php if ($user->required_at): ?>
33	<?php echo esc_html(\WordfenceLS\Controller_Time::format_local_time('F j, Y g:i A', $user->required_at)) ?>
34	<?php else: ?>
35	+ <?php esc_html_e('N/A', 'wordfence-2fa'); ?>
36	<?php endif ?>
37	</td>
38	</tr>

43	<?php if ($page > 1): ?>
44	<a href="<?php echo esc_attr(add_query_arg($pageKey, $page-1) . "#$stateKey") ?>"><span class="dashicons dashicons-arrow-left-alt2"></span></a>
45	<?php endif ?>
46	+ <strong class="wfls-page-indicator"><?php esc_html_e('Page ', 'wordfence-2fa') ?><?php echo (int) $page ?></strong>
47	<?php if (!$lastPage): ?>
48	<a href="<?php echo esc_attr(add_query_arg($pageKey, $page+1) . "#$stateKey") ?>"><span class="dashicons dashicons-arrow-right-alt2"></span></a>
49	<?php endif ?>

modules/login-security/views/settings/options.php CHANGED Viewed

	@@ -88,7 +88,7 @@ if (!defined('WORDFENCE_LS_VERSION')) { exit; }
88	echo \WordfenceLS\Model_View::create('options/option-textarea', array(
89	'textOptionName' => \WordfenceLS\Controller_Settings::OPTION_2FA_WHITELISTED,
90	'textValue' => implode("\n", \WordfenceLS\Controller_Settings::shared()->whitelisted_ips()),
91	- 'title' => new \WordfenceLS\Text\Model_HTML('<strong>' . esc_html__('Allowlisted IP addresses that bypass 2FA', 'wordfence-2fa') . '</strong>'),
92	'alignTitle' => 'top',
93	'subtitle' => __('Allowlisted IPs must be placed on separate lines. You can specify ranges using the following formats: 127.0.0.1/24, 127.0.0.[1-100], or 127.0.0.1-127.0.1.100.', 'wordfence-2fa'),
94	'subtitlePosition' => 'value',
	@@ -145,6 +145,18 @@ if (!defined('WORDFENCE_LS_VERSION')) { exit; }
145	))->render();
146	?>
147	</li>












148	<li>
149	<?php
150	echo \WordfenceLS\Model_View::create('options/option-toggled', array(


88	echo \WordfenceLS\Model_View::create('options/option-textarea', array(
89	'textOptionName' => \WordfenceLS\Controller_Settings::OPTION_2FA_WHITELISTED,
90	'textValue' => implode("\n", \WordfenceLS\Controller_Settings::shared()->whitelisted_ips()),
91	+ 'title' => new \WordfenceLS\Text\Model_HTML('<strong>' . esc_html__('Allowlisted IP addresses that bypass 2FA and reCAPTCHA', 'wordfence-2fa') . '</strong>'),
92	'alignTitle' => 'top',
93	'subtitle' => __('Allowlisted IPs must be placed on separate lines. You can specify ranges using the following formats: 127.0.0.1/24, 127.0.0.[1-100], or 127.0.0.1-127.0.1.100.', 'wordfence-2fa'),
94	'subtitlePosition' => 'value',

145	))->render();
146	?>
147	</li>
148	+ <li>
149	+ <?php
150	+ echo \WordfenceLS\Model_View::create('options/option-toggled', array(
151	+ 'optionName' => \WordfenceLS\Controller_Settings::OPTION_ENABLE_LOGIN_HISTORY_COLUMNS,
152	+ 'enabledValue' => '1',
153	+ 'disabledValue' => '0',
154	+ 'value' => \WordfenceLS\Controller_Settings::shared()->are_login_history_columns_enabled() ? '1': '0',
155	+ 'title' => new \WordfenceLS\Text\Model_HTML('<strong>' . esc_html__('Show last login column on WP Users page', 'wordfence-2fa') . '</strong>'),
156	+ 'subtitle' => __('When enabled, the last login timestamp will be displayed for each user on the WP Users page. When used in conjunction with reCAPTCHA, the most recent score will also be displayed for each user.', 'wordfence-2fa'),
157	+ ))->render();
158	+ ?>
159	+ </li>
160	<li>
161	<?php
162	echo \WordfenceLS\Model_View::create('options/option-toggled', array(

modules/login-security/views/settings/user-stats.php CHANGED Viewed

	@@ -12,7 +12,7 @@ if (!defined('WORDFENCE_LS_VERSION')) { exit; }
12	</div>
13	</div>
14	<div class="wfls-block-header-action wfls-block-header-action-text wfls-nowrap wfls-padding-add-right-responsive">
15	- <a href="users.php"><?php esc_html_e('Manage Users', 'wordfence'); ?></a>
16	</div>
17	</div>
18	<div class="wfls-block-content wfls-padding-no-left wfls-padding-no-right">


12	</div>
13	</div>
14	<div class="wfls-block-header-action wfls-block-header-action-text wfls-nowrap wfls-padding-add-right-responsive">
15	+ <a href="users.php"><?php esc_html_e('Manage Users', 'wordfence-2fa'); ?></a>
16	</div>
17	</div>
18	<div class="wfls-block-content wfls-padding-no-left wfls-padding-no-right">

modules/login-security/views/user/grace-period-toggle.php CHANGED Viewed

	@@ -7,7 +7,7 @@ if (!defined('WORDFENCE_LS_VERSION')) { exit; }
7	<th scope="row"><label for="wfls-grace-period-toggle"><?php esc_html_e('2FA Grace Period', 'wordfence-2fa') ?></label></th>
8	<td>
9	<input id="wfls-grace-period-toggle" name="wfls-grace-period-toggle" type="checkbox">
10	- <label for="wfls-grace-period-toggle"><?php esc_html_e('Allow a grace period for this user prior to requiring Wordfence 2FA') ?></label>
11	</td>
12	</tr>
13	</table>


7	<th scope="row"><label for="wfls-grace-period-toggle"><?php esc_html_e('2FA Grace Period', 'wordfence-2fa') ?></label></th>
8	<td>
9	<input id="wfls-grace-period-toggle" name="wfls-grace-period-toggle" type="checkbox">
10	+ <label for="wfls-grace-period-toggle"><?php esc_html_e('Allow a grace period for this user prior to requiring Wordfence 2FA', 'wordfence-2fa') ?></label>
11	</td>
12	</tr>
13	</table>

modules/login-security/wordfence-login-security.php CHANGED Viewed

	@@ -26,8 +26,8 @@ if ($wfCoreActive && !(isset($wfCoreLoading) && $wfCoreLoading)) {
26	else {
27	define('WORDFENCE_LS_FROM_CORE', ($wfCoreActive && isset($wfCoreLoading) && $wfCoreLoading));
28
29	- define('WORDFENCE_LS_VERSION', '1.0.9');
30	- define('WORDFENCE_LS_BUILD_NUMBER', '~~1652811581~~');
31
32	define('WORDFENCE_LS_PLUGIN_BASENAME', plugin_basename(__FILE__));
33


26	else {
27	define('WORDFENCE_LS_FROM_CORE', ($wfCoreActive && isset($wfCoreLoading) && $wfCoreLoading));
28
29	+ define('WORDFENCE_LS_VERSION', '1.0.10');
30	+ define('WORDFENCE_LS_BUILD_NUMBER', '1655226500');
31
32	define('WORDFENCE_LS_PLUGIN_BASENAME', plugin_basename(__FILE__));
33

readme.txt CHANGED Viewed

	@@ -4,7 +4,7 @@ Tags: security, firewall, malware scanner, web application firewall, two factor
4	Requires at least: 3.9
5	Requires PHP: 5.3
6	Tested up to: 6.0
7	- Stable tag: 7.5.10
8	License: GPLv3
9	License URI: https://www.gnu.org/licenses/gpl-3.0.html
10
	@@ -185,6 +185,17 @@ Secure your website with Wordfence.
185
186	== Changelog ==
187











188	= 7.5.10 - May 17, 2022 =
189	* Improvement: Improved scan support for sites with non-standard directory structures
190	* Improvement: Increased accuracy of executable PHP upload detection


4	Requires at least: 3.9
5	Requires PHP: 5.3
6	Tested up to: 6.0
7	+ Stable tag: 7.5.11
8	License: GPLv3
9	License URI: https://www.gnu.org/licenses/gpl-3.0.html
10

185
186	== Changelog ==
187
188	+ = 7.5.11 - June 14, 2022 =
189	+ * Improvement: Added option to toggle display of last login column on WP Users page
190	+ * Improvement: Improved autocomplete support for 2FA code on Apple devices
191	+ * Improvement: Prevented Batcache from caching block pages
192	+ * Improvement: Updated GeoIP database
193	+ * Fix: Prevented extraneous scan results when non-existent paths are configured using UPLOADS and related constants
194	+ * Fix: Corrected issue that prevented reCAPTCHA scores from being recorded
195	+ * Fix: Prevented invalid JSON setting values from triggering fatal errors
196	+ * Fix: Made text domains consistent for translation support
197	+ * Fix: Clarified that allowlisted IP addresses also bypass reCAPTCHA
198	+
199	= 7.5.10 - May 17, 2022 =
200	* Improvement: Improved scan support for sites with non-standard directory structures
201	* Improvement: Increased accuracy of executable PHP upload detection

vendor/wordfence/wf-waf/src/lib/utils.php CHANGED Viewed

	@@ -747,7 +747,7 @@ class wfWAFUtils {
747
748	public static function doNotCache() {
749	header("Pragma: no-cache");
750	- header("Cache-Control: no-cache, must-revalidate, private");
751	header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); //In the past
752	if (!defined('DONOTCACHEPAGE')) { define('DONOTCACHEPAGE', true); }
753	if (!defined('DONOTCACHEDB')) { define('DONOTCACHEDB', true); }


747
748	public static function doNotCache() {
749	header("Pragma: no-cache");
750	+ header("Cache-Control: no-cache, must-revalidate, private, max-age=0");
751	header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); //In the past
752	if (!defined('DONOTCACHEPAGE')) { define('DONOTCACHEPAGE', true); }
753	if (!defined('DONOTCACHEDB')) { define('DONOTCACHEDB', true); }

views/scanner/issue-file.php CHANGED Viewed

	@@ -9,7 +9,7 @@ echo wfView::create('scanner/issue-base', array(
9	'iconSVG' => '<svg viewBox="0 0 46 55" ><path d="M43.557,13.609l-11.214,-11.175c-1.303,-1.246 -2.962,-2.058 -4.747,-2.324l0,18.223l18.294,0c-0.269,-1.777 -1.084,-3.427 -2.333,-4.724l0,0Z" fill="#9e9e9e"/><path d="M26.465,22.921c-0.005,0 -0.011,0 -0.016,0c-1.885,0 -3.435,-1.545 -3.435,-3.423c0,-0.005 0,-0.011 0,-0.016l0,-19.482l-19.562,0c-0.921,-0.019 -1.809,0.346 -2.449,1.005c-0.658,0.637 -1.022,1.52 -1.003,2.434l0,48.127c-0.019,0.915 0.345,1.797 1.003,2.434c0.639,0.658 1.524,1.023 2.443,1.005l39.102,0c0.004,0.001 0.008,0.001 0.012,0.001c1.884,0 3.435,-1.546 3.435,-3.423c0,-0.006 0,-0.011 -0.001,-0.017l0,-28.645l-19.529,0Z" fill="#9e9e9e"/></svg>',
10	'summaryControls' => array(wfView::create('scanner/issue-control-repair'), wfView::create('scanner/issue-control-ignore', array('ignoreP' => __('Always Ignore', 'wordfence'), 'ignoreC' => __('Ignore Until File Changes', 'wordfence'))), wfView::create('scanner/issue-control-show-details')),
11	'detailPairs' => array(
12	- __('Filename', 'wordfence') => '<span class="wf-split-word-xs">${data.~~file~~}</span>',
13	__('File Type', 'wordfence') => '{{if data.cType}}${WFAD.ucfirst(data.cType)}{{else data.wpconfig}}' . __('WordPress Configuration File', 'wordfence') . '{{else}}' . __('Not a core, theme, or plugin file from wordpress.org', 'wordfence') . '.{{/if}}',
14	__('Bad URL', 'wordfence') => array('(typeof data.badURL !== \'undefined\') && data.badURL', '${data.badURL}'),
15	null,
	@@ -23,7 +23,7 @@ echo wfView::create('scanner/issue-base', array(
23	),
24	'textOutput' => (isset($textOutput) ? $textOutput : null),
25	'textOutputDetailPairs' => array(
26	- __('Filename', 'wordfence') => '$data.~~file~~',
27	__('File Type', 'wordfence') => '$data.ucType',
28	__('File Type', 'wordfence') => '$data.wpconfig',
29	__('File Type', 'wordfence') => array(array('!$data.ucType', '!$data.wpconfig'), 'Not a core, theme, or plugin file from wordpress.org'),


9	'iconSVG' => '<svg viewBox="0 0 46 55" ><path d="M43.557,13.609l-11.214,-11.175c-1.303,-1.246 -2.962,-2.058 -4.747,-2.324l0,18.223l18.294,0c-0.269,-1.777 -1.084,-3.427 -2.333,-4.724l0,0Z" fill="#9e9e9e"/><path d="M26.465,22.921c-0.005,0 -0.011,0 -0.016,0c-1.885,0 -3.435,-1.545 -3.435,-3.423c0,-0.005 0,-0.011 0,-0.016l0,-19.482l-19.562,0c-0.921,-0.019 -1.809,0.346 -2.449,1.005c-0.658,0.637 -1.022,1.52 -1.003,2.434l0,48.127c-0.019,0.915 0.345,1.797 1.003,2.434c0.639,0.658 1.524,1.023 2.443,1.005l39.102,0c0.004,0.001 0.008,0.001 0.012,0.001c1.884,0 3.435,-1.546 3.435,-3.423c0,-0.006 0,-0.011 -0.001,-0.017l0,-28.645l-19.529,0Z" fill="#9e9e9e"/></svg>',
10	'summaryControls' => array(wfView::create('scanner/issue-control-repair'), wfView::create('scanner/issue-control-ignore', array('ignoreP' => __('Always Ignore', 'wordfence'), 'ignoreC' => __('Ignore Until File Changes', 'wordfence'))), wfView::create('scanner/issue-control-show-details')),
11	'detailPairs' => array(
12	+ __('Filename', 'wordfence') => '<span class="wf-split-word-xs">${data.realFile}</span>',
13	__('File Type', 'wordfence') => '{{if data.cType}}${WFAD.ucfirst(data.cType)}{{else data.wpconfig}}' . __('WordPress Configuration File', 'wordfence') . '{{else}}' . __('Not a core, theme, or plugin file from wordpress.org', 'wordfence') . '.{{/if}}',
14	__('Bad URL', 'wordfence') => array('(typeof data.badURL !== \'undefined\') && data.badURL', '${data.badURL}'),
15	null,

23	),
24	'textOutput' => (isset($textOutput) ? $textOutput : null),
25	'textOutputDetailPairs' => array(
26	+ __('Filename', 'wordfence') => '$data.realFile',
27	__('File Type', 'wordfence') => '$data.ucType',
28	__('File Type', 'wordfence') => '$data.wpconfig',
29	__('File Type', 'wordfence') => array(array('!$data.ucType', '!$data.wpconfig'), 'Not a core, theme, or plugin file from wordpress.org'),

views/scanner/issue-knownfile.php CHANGED Viewed

	@@ -9,7 +9,7 @@ echo wfView::create('scanner/issue-base', array(
9	'iconSVG' => '<svg viewBox="0 0 46 55" ><path d="M43.557,13.609l-11.214,-11.175c-1.303,-1.246 -2.962,-2.058 -4.747,-2.324l0,18.223l18.294,0c-0.269,-1.777 -1.084,-3.427 -2.333,-4.724l0,0Z" fill="#9e9e9e"/><path d="M26.465,22.921c-0.005,0 -0.011,0 -0.016,0c-1.885,0 -3.435,-1.545 -3.435,-3.423c0,-0.005 0,-0.011 0,-0.016l0,-19.482l-19.562,0c-0.921,-0.019 -1.809,0.346 -2.449,1.005c-0.658,0.637 -1.022,1.52 -1.003,2.434l0,48.127c-0.019,0.915 0.345,1.797 1.003,2.434c0.639,0.658 1.524,1.023 2.443,1.005l39.102,0c0.004,0.001 0.008,0.001 0.012,0.001c1.884,0 3.435,-1.546 3.435,-3.423c0,-0.006 0,-0.011 -0.001,-0.017l0,-28.645l-19.529,0Z" fill="#9e9e9e"/></svg>',
10	'summaryControls' => array(wfView::create('scanner/issue-control-repair'), wfView::create('scanner/issue-control-ignore', array('ignoreP' => __('Always Ignore', 'wordfence'), 'ignoreC' => __('Ignore Until File Changes', 'wordfence'))), wfView::create('scanner/issue-control-show-details')),
11	'detailPairs' => array(
12	- __('Filename', 'wordfence') => '<span class="wf-split-word-xs">${data.~~file~~}</span>',
13	__('File Type', 'wordfence') => '{{if data.cType}}${WFAD.ucfirst(data.cType)}{{else}}' . __('Not a core, theme, or plugin file from wordpress.org', 'wordfence') . '.{{/if}}',
14	__('Bad URL', 'wordfence') => array('(typeof data.badURL !== \'undefined\') && data.badURL', '${data.badURL}'),
15	null,
	@@ -23,7 +23,7 @@ echo wfView::create('scanner/issue-base', array(
23	),
24	'textOutput' => (isset($textOutput) ? $textOutput : null),
25	'textOutputDetailPairs' => array(
26	- __('Filename', 'wordfence') => '$data.~~file~~',
27	__('File Type', 'wordfence') => '$data.ucType',
28	__('File Type', 'wordfence') => array('!$data.ucType', 'Not a core, theme, or plugin file from wordpress.org'),
29	__('Bad URL', 'wordfence') => '$data.badURL',


9	'iconSVG' => '<svg viewBox="0 0 46 55" ><path d="M43.557,13.609l-11.214,-11.175c-1.303,-1.246 -2.962,-2.058 -4.747,-2.324l0,18.223l18.294,0c-0.269,-1.777 -1.084,-3.427 -2.333,-4.724l0,0Z" fill="#9e9e9e"/><path d="M26.465,22.921c-0.005,0 -0.011,0 -0.016,0c-1.885,0 -3.435,-1.545 -3.435,-3.423c0,-0.005 0,-0.011 0,-0.016l0,-19.482l-19.562,0c-0.921,-0.019 -1.809,0.346 -2.449,1.005c-0.658,0.637 -1.022,1.52 -1.003,2.434l0,48.127c-0.019,0.915 0.345,1.797 1.003,2.434c0.639,0.658 1.524,1.023 2.443,1.005l39.102,0c0.004,0.001 0.008,0.001 0.012,0.001c1.884,0 3.435,-1.546 3.435,-3.423c0,-0.006 0,-0.011 -0.001,-0.017l0,-28.645l-19.529,0Z" fill="#9e9e9e"/></svg>',
10	'summaryControls' => array(wfView::create('scanner/issue-control-repair'), wfView::create('scanner/issue-control-ignore', array('ignoreP' => __('Always Ignore', 'wordfence'), 'ignoreC' => __('Ignore Until File Changes', 'wordfence'))), wfView::create('scanner/issue-control-show-details')),
11	'detailPairs' => array(
12	+ __('Filename', 'wordfence') => '<span class="wf-split-word-xs">${data.realFile}</span>',
13	__('File Type', 'wordfence') => '{{if data.cType}}${WFAD.ucfirst(data.cType)}{{else}}' . __('Not a core, theme, or plugin file from wordpress.org', 'wordfence') . '.{{/if}}',
14	__('Bad URL', 'wordfence') => array('(typeof data.badURL !== \'undefined\') && data.badURL', '${data.badURL}'),
15	null,

23	),
24	'textOutput' => (isset($textOutput) ? $textOutput : null),
25	'textOutputDetailPairs' => array(
26	+ __('Filename', 'wordfence') => '$data.realFile',
27	__('File Type', 'wordfence') => '$data.ucType',
28	__('File Type', 'wordfence') => array('!$data.ucType', 'Not a core, theme, or plugin file from wordpress.org'),
29	__('Bad URL', 'wordfence') => '$data.badURL',

wordfence.php CHANGED Viewed

	@@ -4,7 +4,7 @@ Plugin Name: Wordfence Security
4	Plugin URI: http://www.wordfence.com/
5	Description: Wordfence Security - Anti-virus, Firewall and Malware Scan
6	Author: Wordfence
7	- Version: 7.5.10
8	Author URI: http://www.wordfence.com/
9	Text Domain: wordfence
10	Domain Path: /languages
	@@ -38,8 +38,8 @@ if(defined('WP_INSTALLING') && WP_INSTALLING){
38	if (!defined('ABSPATH')) {
39	exit;
40	}
41	- define('WORDFENCE_VERSION', '7.5.10');
42	- define('WORDFENCE_BUILD_NUMBER', '~~1652811581~~');
43	define('WORDFENCE_BASENAME', function_exists('plugin_basename') ? plugin_basename(__FILE__) :
44	basename(dirname(__FILE__)) . '/' . basename(__FILE__));
45


4	Plugin URI: http://www.wordfence.com/
5	Description: Wordfence Security - Anti-virus, Firewall and Malware Scan
6	Author: Wordfence
7	+ Version: 7.5.11
8	Author URI: http://www.wordfence.com/
9	Text Domain: wordfence
10	Domain Path: /languages

38	if (!defined('ABSPATH')) {
39	exit;
40	}
41	+ define('WORDFENCE_VERSION', '7.5.11');
42	+ define('WORDFENCE_BUILD_NUMBER', '1655226500');
43	define('WORDFENCE_BASENAME', function_exists('plugin_basename') ? plugin_basename(__FILE__) :
44	basename(dirname(__FILE__)) . '/' . basename(__FILE__));
45

Wordfence Security – Firewall & Malware Scan - Version 7.5.11

Version Description

Release Info

Code changes from version 7.5.10 to 7.5.11