defender is telling me to update an already updated wordpress

Hi,

Defender gave me the vulnerability nfo that i’m pasting below but wordpress is saying that i’m already running the latest version.

Skip to main contentSkip to toolbar

Dashboard

Home

Updates

1

Jetpack

Dashboard

Settings

WPMU DEV

Dashboard

Plugins

Themes

Support

Manage

Posts

All Posts

Add New

Categories

Tags

Media

Library

Add New

Pages

All Pages

Add New

Comments

12

Appearance

Themes

Customize

Widgets

Menus

Header

Background

Theme Settings

Plugins

1

Installed Plugins

Add New

Users

All Users

Add New

Your Profile

Tools

Available Tools

Import

Export

Update URLs

Settings

General

Writing

Reading

Discussion

Media

Permalinks

Limit Login Attempts

SEO

2

2 notifications

Dashboard

Titles & Metas

Social

XML Sitemaps

Advanced

Tools

Search Console

Go Premium Disabled

EasyRotator

Overview

Help

Insights

Dashboard

Settings

Reports

Tools

Addons

Defender

3

Dashboard

Security Tweaks

File Scanning

Audit Logging

IP Lockouts

Collapse menu

About WordPress

Minute Mobile Emissions

11 Plugin Update

1212 comments awaiting moderation

New

SEO22 notifications

Howdy, netlover

Log Out

FILE SCANNING NEW SCAN

Welcome to EasyRotator! You’re almost ready to start creating rotators!

It appears that you’re using Google Chrome. There’s a new issue that may break auto-installation in Chrome. Please click here to learn more about how you can avoid this problem.

To use the EasyRotator admin, you need to install the latest version of the Adobe Flash Player. Once you’ve finished updating, reload this page to continue.

Allow MonsterInsights to track plugin usage? Opt-in to tracking and our newsletter to stay informed of the latest changes to MonsterInsights and help us ensure compatibility. Allow Do not allow

2

File scanning issues need attention

May 11, 2017 4:08 pm

Last scan

WordPress Core 1

Plugins & Themes 1

Suspicious Code

Issues 2

Ignored

Settings

Reporting

ISSUES 2

Defender has found potentially harmful files on your website. In many cases, the security scan will pick up harmless files, but in some cases you may wish to remove the files listed below that look suspicious.

Ignore

APPLY2 Results

Suspicious File Issue

favicon.ico

/home/bnmpro5/public_html/minuteemissions/favicon.ico

Unknown file in WordPress core

WordPress Vulnerability

Version: 4.7.4

WordPress 2.3-4.7.4 – Host Header Injection in Password Reset

Vulnerability type: UNKNOWN

This bug has been fixed in version:

Ignore

APPLY2 Results

ISSUE DETAILS

×

WordPress WordPress Vulnerability

Version Version: 4.7.4

Vulnerability found in this version:

WordPress 2.3-4.7.4 – Host Header Injection in Password Reset

Vulnerability type: UNKNOWN

This bug has been fixed in version:

There’s a newer version available that fixes this issue. We recommend updating to the latest release.

UPDATE

  • Vaughan
    • Support/SLS MockingJay

    Hi Corn,

    Yes, we’re aware of this, it’s due to the issue being fixed in the WordPress TRAC bugtracker. But there is no current release with the fix yet. But this will be closed on the next WordPress core update.

    We’re going to change the display so it’s less confusing in future.

    Hope this helps

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.