Malcure Malware Scanner — Advanced Virus and Infection Cleanup

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "serve_checksums".

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'current_time'.

The use of function _get_plugin_data_markup_translate() is forbidden

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$pass_count'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$warn_count'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$fail_count'.

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "wp_malware_removal".

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: is_writable().

Use of a direct database call is discouraged.