Me too.
The urgent Wordfence message says this for me:
File contains suspected malware URL: /www/wp-content/plugins/wp-views/res/js/codemirror311/mode/velocity/index.html
Filename: wp-content/plugins/wp-views/res/js/codemirror311/mode/velocity/index.html
Bad URL: http://www.pivotal-solutions.co.uk/
File type: Not a core, theme or plugin file.
Issue first detected: 2 mins ago.
Severity: Critical
Status New
This file contains a suspected malware URL listed on Google's list of malware sites. Wordfence decodes base64 when scanning files so the URL may not be visible if you view this file. The URL is: http://www.pivotal-solutions.co.uk/
I ran a Sucuri scan on my site. It was fine. I then ran the pivotal-solutions URL through their scanner and it says it's WP version is out of date and some additional information about the JS being the problem.
I opened the plugin and that file does exist in the original download and it looks similar in the original 1.5 download and the file on my site. I didn't not compare it carefully. It's a darn strange looking file to me. Wordfence did not flag this until today and I upgraded to 1.5 soon after it came out.
Can we just use Wordfence to delete this file?