I've received the following alert from Wordfence at my email (never got anything like this before):
[Wordfence Alert] Problems found on http://www.wheelofcommerce.com
Wheel of Commerce
Adicionar aos contatos
[Manter esta mensagem na parte superior de sua caixa de entrada]
This email was sent from your website "Wheel of Commerce" by the Wordfence plugin.
Wordfence found the following new issues on "Wheel of Commerce".
Alert generated at Wednesday 29th of April 2015 at 02:22:34 PM
* Modified plugin file: wp-content/plugins/akismet/readme.txt
* Modified plugin file: wp-content/plugins/bbpress/readme.txt
* Modified plugin file: wp-content/plugins/buddypress/readme.txt"
I've checked and for all the 3 there's only one line changed right at the beginning: "Tested up to:". The changes were performed as below:
-For Akismet: from "Tested up to: 4.2.1" to "Tested up to: 4.1.1".
-For bbPress: from "Tested up to: 4.2" to "Tested up to: 4.1".
-For Buddypress: same as for bbPress.
So, regarding that line, it looks as if they were "downgraded", even though the last update for Buddypress and bbPress was made days ago, and for Akismet, I can't even remember when the last update occurred.
Considering that I've been hacked before, or at least it really seemed like that at the time (I've changed all my login credentials after) and Wordfence sent me a report the other day saying somebody tried to log into my site using "admin" as username 126 times in the past month (most likely a bot, but anyway), should I be worried? I know readme files aren't executable, so it's extremely unlikely that those insignificant changes can do any harm, but I'm asking because, as the saying goes, "It's better to be safe than to be sorry.".