Hey @tinpeas,
Thank you for your suggestions, we are working on fixing the additional WordPress code error, improving the file editor security fixer & the index.php suggestion. The fixes for these would be available in the next update.
For the index.php suggestion: We’re re-implementing this feature such that directory listing is fixed by adding Options -Indexes to the .htaccess file, rather than creating multiple index.php files.
For the automatic Wordfence scans you can try the following fix: Can you try to run the WordFence scans, after disabling the ‘Disable WP API JSON’ security fixer within the WP Hardening settings?
