See conversation with plugin developer here: https://wordpress.org/support/topic/potential-security-weakness-line-590-of-class-aepc-admin-view-php/
“From WPMUDEV Defender:
We’ve identified some code in class-aepc-admin-view.php that could be a potential security weakness. We recommend you take a look to be sure everything is OK and contact your developer if you need help fixing the issue. Sometimes these checks are false positives, so if you know the code is harmless you can ignore this warning. Alternately you can choose delete this file, but be sure to perform a backup and double-check the file isn’t required by a plugin or theme to run correctly.
File Location: /wp-content/plugins/pixel-caffeine/includes/admin/class-aepc-admin-view.php
Found 1 issues.
The function extract line 590 column 3 execute using unsanitize user inputs”
Response from plugin developer:
“The line in consideration contains already a sanitization of the user inputs, so I can confirm that you can whitelist it in the Defender.
Anyway, I suggest also to report this warning to the WPMUDEV developers because the user inputs are already sanitized in this case, so it doesn’t seem to have any sense.”