Welcome to the WPML Support. The warning appears to come from your security plugin detecting a change in a WPML-generated file inside wp-content/uploads/wpml/.
Since this is a text file (changelog.txt) in the uploads directory and not a core WPML plugin file, this is usually expected behavior after plugin updates or background WPML processes.
It does not immediately indicate a problem or malware infection.
Hi Lucas,
this is not a text file, you need to decode it to see more.
Since when wpml created a file like this in che uploads/wmpl folder? (which contains only this file)
attached the file (renamed txt > png to upload it)
The file wp-content/uploads/wpml/changelog.txt is a WPML-generated internal file. It is safe and is used by WPML to store changelog-related internal data.
This is a newer implementation. In the past, this data used to be stored in the WordPress options table, with autoload enabled, which could unnecessarily increase the size of the autoloaded data in the database. To improve that, WPML now stores this information as a file inside the uploads/wpml folder instead.
That is why you see this file there now.
The content may look unusual or unreadable because it is stored in an encoded/compressed format for internal use. This is expected.
Hi Lucas,
thank you for the update. The fact is that 20+ websites give me a warning every day. Could you tell Security Pro (Stellar, SolidWP) that this is a harmful file to not include in the warning.
There will be a lot of customers of both plugins who will feel annoyed about this.
Waldemar
Thanks for bringing that to our attention, I'll investigate. Can you please share more details on where and how you got this notice? Did it happen after you upgraded WPML, for example?
I tried reproducing on a fresh install using the free version of the plugin, but didn't get any warnings about the changelog file after scanning.
Finally, please also share your WPML debug information with me, using the provided form. You can check the steps here:
as you can see I use 4.9.0 , so I presume that I did not make an update to 4.9.x at 24.03. when I got this error for the first time. Not knowing why and when wpml impremented this new file I think you can better understand and investigate.
I cannot reproduce this behavior. Here's what I've done so far:
1. Created a fresh install of WordPress, using and old WPML version without the changelog.txt file;
2. Ran the site scan using Solid Security (Free Version);
3. Upgraded WPML to the latest version;
4. Ran the site scan once more;
There were no warnings by Solid Security. In this case, I ask you to please install the Pro Version of the plugin, upgrade WPML and run the scan again. Let me know when you're done.
Thank you for that. Nonetheless, I still could not get any warnings about the file. Can you please check my last message and see if you can reproduce it on your side?
Unfortunately, without the reproduced behavior, we cannot investigate the issue.
