Scan Uploads options is a part of the Unrecognised File scanner.


You can use it to scan your Uploads folder for PHP and Javascript.


This is the folder that you can find in your 'wp-content' directory:

Important: Take care when turning on this option - if you are unsure, leave it disabled.


The Uploads folder is primarily for media, but could be used to store nefarious files.


If you have this option enabled...

... the Unrecognised File scanner will scan this folder.


Then, you may review scan results under the Scans section of the Shield Security Dashboard:

You can then decide if you want to keep it ('ignore' option) or delete it.