by wjwoodson 2769 days ago
Yep, you can quarantine, overwrite, or disallow writes altogether in _some_ directories, but any of those will prevent auto update or component updates managed by the CMS... Which is a nice feature to patch known vulnerabilities. A happy medium might be to quarantine and send an alert for manual approval, or having the hash change trigger deeper inspection -> quarantine & alert based on some risk assessment.

These scanners will only send an alert, no ability to remediate built in.

1 comments

I guess an alert is better than nothing. But you still have to deal with the cleanup. It seems the only real way (which I figured out) is to have a separate management system from the CMS.

Having the CMS manage its own files seems like an oversight committee watching itself. :P

This seems like an opportunity for WP to do what Microsoft did, make their own security system to pair up with WP.
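The "hash change -> risk assessment -> quarantine & alert" flow from the first comment, run from outside the CMS as the reply suggests, as an added example that is not code from either commenter or from any scanner. The no-exec directory policy, the `assess` rule and all file names are assumptions made for the illustration.

```python
import hashlib, os, pathlib, shutil, tempfile

# Assumed policy (not from the thread): directories that should never hold PHP.
NO_EXEC_DIRS = {"uploads"}
EXEC_EXTS = (".php", ".phtml", ".phar")

def snapshot(root):
    """Map each file path (relative to root) to its SHA-256 digest."""
    root = pathlib.Path(root)
    return {str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in root.rglob("*") if p.is_file()}

def assess(rel):
    """Toy risk rule: an executable file under a no-exec directory is high risk."""
    parents = rel.split(os.sep)[:-1]
    if rel.lower().endswith(EXEC_EXTS) and NO_EXEC_DIRS & set(parents):
        return "high"
    return "review"

def scan(root, baseline, quarantine_dir):
    """Quarantine high-risk changes; leave the rest in place for manual approval."""
    alerts, current = [], snapshot(root)
    for rel, digest in sorted(current.items()):
        if baseline.get(rel) == digest:
            continue
        kind, risk, action = ("modified" if rel in baseline else "added"), assess(rel), "alert"
        if risk == "high":
            os.makedirs(quarantine_dir, exist_ok=True)
            shutil.move(os.path.join(root, rel), os.path.join(quarantine_dir, rel.replace(os.sep, "__")))
            action = "quarantined"
        alerts.append((rel, kind, risk, action))
    alerts += [(rel, "deleted", "review", "alert") for rel in sorted(set(baseline) - set(current))]
    return alerts

def demo():
    """Constructed site tree: one plugin auto-update and one PHP file dropped in uploads."""
    base = tempfile.mkdtemp()
    root, qdir = os.path.join(base, "site"), os.path.join(base, "quarantine")
    def write(rel, data):
        p = pathlib.Path(root, rel)
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(data)
    write("wp-content/plugins/demo/demo.php", "<?php // v1")
    baseline = snapshot(root)
    write("wp-content/plugins/demo/demo.php", "<?php // v2")    # stands in for an auto-update
    write("wp-content/uploads/2024/x.php", "<?php // unexpected")
    return scan(root, baseline, qdir), os.listdir(qdir)

if __name__ == "__main__": print(demo())
```

The updated plugin file stays in place and only raises an alert, so auto-updates keep working, while the PHP file in the uploads tree is moved out of the web root. The quarantine directory has to live outside the scanned root.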