I got an email message from Wordfence that said things like the following for several different files:
- Unknown file in WordPress core: wp-includes/js/tinymce/skins/lightgray/fonts/readme.md
- Unknown file in WordPress core: wp-includes/js/tinymce/skins/lightgray/fonts/tinymce-small.json
When I logged into Wordfence and went to the “issues” area it said this:
“This file is in a WordPress core location but is not distributed with this version of WordPress. This is usually due to it being left over from a previous WordPress update, but it may also have been added by another plugin or a malicious file added by an attacker.”
Then it gives me options to delete the file.
I don’t know what any of the files are. Should I delete them or move them or just leave as is or what?
Probably this depends on what the files are and whether I’m using them? But if their names aren’t meaning anything to me then how might I tell?
This is a pretty open question I’m guessing…sorry…from a newbie.