includes/Generator/AbstractBaseGenerator.php 
     php.lang.security.weak-crypto.weak-crypto
        Detected usage of weak crypto function. Consider using stronger alternatives.
        Details: https://sg.run/KlBn

        130┆ $cacheHash =
        131┆ '?version=' . md5( $file->getTimestamp() . $file->getWidth() . $file->getHeight() );


 includes/WikiSEO.php 
     php.lang.security.unserialize-use.unserialize-use
        Calling `unserialize()` with user input in the pattern can lead to arbitrary code execution.
        Consider using JSON or structured data approaches (e.g. Google Protocol Buffers).
        Details: https://sg.run/b24E

        258┆ $valueUnserialized = unserialize( $value, [ 'allowed_classes' => false ] );
          ⋮┆----------------------------------------
        288┆ $value = unserialize( $prop, [ 'allowed_classes' => false ] );


 maintenance/GenerateDescription.php 
     php.lang.security.file-inclusion.file-inclusion
        Detected non-constant file inclusion. This can lead to local file inclusion (LFI) or remote
        file inclusion (RFI) if user input reaches this statement. LFI and RFI could lead to
        sensitive files being obtained by attackers. Instead, explicitly specify what to include. If
        that is not a viable solution, validate user input thoroughly.
        Details: https://sg.run/Ge56

         10┆ require_once "$IP/maintenance/Maintenance.php";
          ⋮┆----------------------------------------
         94┆ require_once RUN_MAINTENANCE_IF_MAIN;