Install Wordfence Security – Firewall, Malware Scan, and Login Security plugin from WordPress admin dashboard & Activate it by getting a free license.
Goto "All Options" tab under wordfence dashboard:
Make the following changes in WordFence Options (remember to click “Save Changes”):
Under General Wordfence Options, turn on:
Hide WordPress version
Disable Code Execution for Uploads directory
Under Scan Options >> General Options, turn on
Scan theme files against repository versions for changes
Scan plugin files against repository versions for changes
Scan files outside your WordPress installation
Scan images, binary, and other files as if they were executable
Make sure that the settings are saved (Click on Save changes on top of the page).
Now go to Scan tab and start a new scan and do all recommended steps on the scan page.
