Easily monitor the state of your WP core files. Have a clear view of files that are modified but shouldn’t be and restore them with a single click. The scanner compares all your core WordPress files (over 1,200) with the secure master copy maintained by WordPress.org.
How does the core scanner work?
It works by finding your WordPress version, your local (language/country) setting and then asks an API at wordpress.org to get a list of that particular version of WordPress.
Once the list has been downloaded, the plugin checks each file in your actual WordPress installation and verifies nothing has been changed.
Not only modified original files are detected, but the plugin also generates a list of unknown files in your core WordPress folders.
Some files are ok to modify
There are some files that are supposed to be modified, such as wp-config.php that contains the details for your database settings and other necessary information that is unique to each website.
Some files are ok to be missing
There are some files that are ok, even suggested or recommended to remove. Security Ninja notes if these are missing, but does not alert you. These files are index.php, readme.html, license.txt, wp-config-sample.php, wp-admin/install.php or wp-admin/upgrade.php
Not every change is dangerous!
Not every change on core files is malicious and changes can serve a legitimate purpose. However, if you are not a developer and you did not change the files yourself the changes most probably come from an exploit.
The WordPress community strongly advises that you never modify any WP core files!
Please use caution when restoring files because there is no undo button.