How to detect/trace which plugin/theme/script/file is creating vulnerabilities for the creation of malicious files?

I have Wordfence installed, which detects malicious files (such as access.php or include.php) in my installation every day. I regularly access the dashboard and remove these files, but they reappear afterward.

My plugins and themes are up to date, and Wordfence settings are quite strict, but the files keep reappearing.

Is it possible to trace where the vulnerability lies in the system? How can I do this?



This site will teach you how to build a WordPress website for beginners. We will cover everything from installing WordPress to adding pages, posts, and images to your site. You will learn how to customize your site with themes and plugins, as well as how to market your site online.

Buy WordPress Transfer