Website hacked

Hi all,

Unfortunately, one of the websites I developed got hacked. I instantly got in contact with Sucuri to ensure the website didn´t contain anything harmful and also to protect that site from now on. I also installed a back-up as the site somehow, somewhere got damaged and was no longer visible. Instead, the basic configuration of Enfold was visible.

Anyhow, the site seems to be up and running again, but:
1. I get error messages above the header, related to the Enfold theme, such as:

Warning: Invalid argument supplied for foreach() in /home/id35772/domains/fhkn.nl/public_html/wp-content/themes/enfold/framework/php/class-superobject.php on line 140

Warning: session_start(): Cannot send session cache limiter – headers already sent (output started at /home/id35772/domains/fhkn.nl/public_html/wp-content/themes/enfold/framework/php/class-superobject.php:140) in /home/id35772/domains/fhkn.nl/public_html/wp-content/themes/enfold/config-templatebuilder/avia-shortcodes/masonry_entries.php on line 32

2. I can´t login in WordPress. I had a all-in-one security plugin installed and perhaps this is now causing problems. I figure, that once I can get to the backend, I simply update Enfold again, and be done with it.

Any thoughts would be appreciated…such as the meaning of those error messages. Is it something I can fix through FTP?

Regards,
Ruud