I was using the CPanel at my host and got a warning that my WordPress may have been hacked. Looking further the report is that two .php files have been added. The files are:
A check of your WordPress directories produced the following errors/warnings:
Warning: File should not exist: wp-includes/certificates/object.php
Warning: File should not exist: wp-includes/customize/plugin.php
Are these files that my xTheme 4.6.4 has installed?
Should I allow the site to update the following:
WordPress
Plugins: coming-soon, constant-contact-forms, dropbox-backup, jetpack
Thanks.
bill