Is return unserialize(base64_decode($settings)) malicious?


Wordfence is highlighting this as malicious code:

function customFiltersSettings() {
    $settings = get_option('wp_custom_filters');

    if (!$settings) {
        return null;
    }

    return unserialize(base64_decode($settings));
}

This doesn't look to be bad, but I want to be sure.

Full code: https://pastebin.com/wi705icK

More info on the message:

This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: {\x0a $settings = get_option('wp_custom_filters');\x0a\x0a if (!$settings) {\x0a return null;\x0a }\x0a\x0a return unserialize(base64_decode($settings));

The issue type is: Hacktool:PHP/maliciousOptions.theme.11692 Description: Method used to hide malicious code in the database options table.
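One way to see what is actually stored in the `wp_custom_filters` option before deciding how to treat the Wordfence hit, as an added example that is not part of the original question or of the flagged file. The function names, the pattern list and the sample value are assumptions made for illustration; it decodes the value the same way the flagged function does, but refuses to instantiate any serialized objects.

```php
<?php
// Added example: inspect a stored option value without instantiating any objects.
// Patterns worth a closer look inside stored strings (hypothetical, non-exhaustive list).
const SUSPECT_PATTERNS = ['<?php', 'eval(', 'assert(', 'base64_decode(', 'gzinflate(', 'create_function('];

function inspect_option_blob(string $raw): array
{
    $findings = [];
    $decoded = base64_decode($raw, true);   // strict mode: returns false on non-base64 input
    if ($decoded === false) {
        return ['not valid base64'];
    }
    // allowed_classes => false turns every serialized object into __PHP_Incomplete_Class,
    // so no __wakeup() or __destruct() of a real class can run during inspection.
    $value = @unserialize($decoded, ['allowed_classes' => false]);
    if ($value === false && $decoded !== serialize(false)) {
        return ['not a PHP serialized value'];
    }
    walk_value($value, '$option', $findings);
    return $findings;
}

function walk_value($value, string $path, array &$findings): void
{
    if ($value instanceof __PHP_Incomplete_Class) {
        $props = (array) $value;            // array cast exposes the original class name
        $findings[] = "$path: serialized object of class " . $props['__PHP_Incomplete_Class_Name'];
        unset($props['__PHP_Incomplete_Class_Name']);
        $value = $props;                    // keep walking the object's properties
    }
    if (is_array($value)) {
        foreach ($value as $key => $item) {
            walk_value($item, $path . '[' . var_export($key, true) . ']', $findings);
        }
    } elseif (is_string($value)) {
        foreach (SUSPECT_PATTERNS as $needle) {
            if (stripos($value, $needle) !== false) {
                $findings[] = "$path: string contains \"$needle\"";
            }
        }
    }
}

// Constructed sample standing in for the value stored under wp_custom_filters.
$sample = base64_encode(serialize(['enabled' => true, 'snippet' => '<?php echo "hi"; ?>']));
foreach (inspect_option_blob($sample) ?: ['nothing flagged'] as $line) {
    echo $line, PHP_EOL;
}
```

To check a real site, pass the raw string stored for the option in place of `$sample`. An empty result only means none of the listed patterns matched, so what the rest of the file does with the returned settings still needs reading.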
