9
Validation results

Diary

Diary

WordPress 4.8.2 theme
9
Critical alerts
  1. WPScan Vulnerability Database : This theme is vulnerable to security breach "Site5 Wordpress Themes Email Spoofing"
    More on Wordpress Vulnerability Scanner site : https://wpvulndb.com/vulnerabilities/7354
  2. Title : Title No reference to add_theme_support( "title-tag" ) was found in the theme.The theme needs to have <title> tags, ideally in the header.php file.The theme needs to have a call to wp_title(), ideally in the header.php file.
  3. Malware : Operations on file system file_get_contents was found in the file theme-options.php
    Line 287: 'content' => nl2br(file_get_contents(trailingslashit(get_stylesheet_directory()).'README.html'
    file_get_contents was found in the file plugin-activation.php
    Line 2416: $plugin = @json_decode( @file_get_contents( 'https://api.wordpress.org/plugins/info/1.0/' . $item['s
  4. Admin menu : Themes should use add_theme_page() for adding admin pages. File theme-options.php :
    Line 108: //the list of available parent menus is available here: http://codex.wordpress.org/Function_Reference/add_submenu_page#Parameters
    File options.php :
    Line 201: $this->page = add_submenu_page(
    File options.php :
    Line 210: $this->page = add_menu_page(
    File plugin-activation.php :
    Line 646: $this->page_hook = call_user_func( 'add_{$type}_page', $args['parent_slug'], $args['page_title'], $args['menu_t
    File plugin-activation.php :
    Line 3922: add_menu_page(
Warning
  1. theme tags : Presence of bad theme tagsFound wrong tag in style.css header.
  2. Text domain : Incorrect use of translation functions.Found a translation function that has an incorrect number of arguments. Function __, with the arguments '&larr; ', Older posts, 'mythemeshop' in file archive.php.Found a translation function that has an incorrect number of arguments. Function __, with the arguments 'Newer posts', &rarr;, 'mythemeshop' in file archive.php.Found a translation function that has an incorrect number of arguments. Function __, with the arguments '&larr; ', Older posts, 'mythemeshop' in file index.php.Found a translation function that has an incorrect number of arguments. Function __, with the arguments 'Newer posts', &rarr;, 'mythemeshop' in file index.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are mythemeshop, Older posts, &rarr;, nhp-opts, framework, tgmpa.
  3. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  4. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  5. Editor style : Presence of editor styleNo reference to add_editor_style() was found in the theme. It is recommended that the theme implements editor styling, so as to make the editor content match the resulting post output in the theme, for a better user experience.
  6. CSS files : Presence of license typeLicense: is missing from style.css header.
  7. CSS files : Presence of license urlLicense URI: is missing from style.css header.
  8. CSS files : Presence of text domainText Domain: is missing from your style.css header.
  9. CSS files : Presence of .screen-reader-text class.screen-reader-text css class is needed in your theme css. See : the Codex for an example implementation.
  10. Date and time implementation : Use of the_time()At least one hard coded date was found in the file archive.php. Function get_option( 'date_format' ) should be used instead.
  11. Screenshot : Screenshot fileScreenshot size is 300x225px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. favicon presence : Favicon managementPossible Favicon found in theme-actions.php. Favicons are handled by the Site Icon setting in the customizer since version 4.3.
  2. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file theme-options.php.
    Line 121: 'content' => __('<p>If you are facing any problem with our theme or theme option panel, head over to our <a href='http://community.mythemeshop.com'>Support Forum</a></p>', 'nhp-opts')
    Line 126: 'content' => __('<p>Options Panel created using the <a href='http://leemason.github.com/NHP-Theme-Options-Framework/' target='_blank'>NH
    Line 131: 'content' => __('<p>Earn 50% commision on every sale by refering your friends and readers. Join our <a href='http://mythemeshop.com/affiliate-program/'>Affiliate Program</a>.</p>', 'nh
    Line 157: 'sub_desc' => __('Upload a <strong>16 x 16 px</strong> image that will represent your website\'s favicon. You can refer to this link for more information on how to make it: <a href='http://www.favicon.cc/' target='blank' rel='nofollow'>http://www.favicon.cc
    Line 131: 'content' => __('<p>Earn 50% commision on every sale by refering your friends and readers. Join our <a href='http://mythemeshop.com/affiliate-program/'>Affiliate Program</a>.</p>', 'nh
    Line 183: 'std' => '<a href=''.get_bloginfo('url').'/' title=''.get_bloginfo('description').'' rel='nofollow'>'.get_bloginfo('name').'</a> Copyright &copy; '.date('Y').'. Theme by <a href='http://mythemeshop.com/' target='_blank'>MyThemeShop</a>.'
    Possible hard-coded links were found in the file options.php.
    Line 584: echo '<a href='http://mythemeshop.com' id='optionpanellogo' class='logo' target='_blank'><
    Line 588: echo '<a href='http://community.mythemeshop.com/' class='docsupport' target='_blank'><img 
    Possible hard-coded links were found in the file welcome-message.php.
    Line 25: $pointer_content .= '<p>If you face any problem, feel free to <a href='http://community.mythemeshop.com/'>contact us</a></p>';
    Possible hard-coded links were found in the file plugin-activation.php.
    Line 3722: 'source'    => 'https://mythemeshop.com/mythemeshop-connect.zip',
    Line 3739: 'info_link' => 'https://mythemeshop.com/plugins/wp-review-pro/',
    Line 3750: 'info_link' => 'https://mythemeshop.com/plugins/wp-subscribe-pro/',
    Line 3761: 'info_link' => 'https://mythemeshop.com/plugins/wp-notification-bar/',
    Line 3770: 'info_link' => 'https://mythemeshop.com/plugins/wp-mega-menu/',
    Line 3790: 'info_link' => 'https://mythemeshop.com/plugins/my-wp-backup-pro/',
    Line 4163: $author      = isset( $plugin['author'] ) ? $plugin['author'] : '<a href='https://mythemeshop.com'>MyThemeShop</a>';
    Line 4187: $author      = isset( $info['author'] ) ? $info['author'] : '<a href='https://mythemeshop.com'>MyThemeShop</a>';
    Line 3722: 'source'    => 'https://mythemeshop.com/mythemeshop-connect.zip',
    Line 3739: 'info_link' => 'https://mythemeshop.com/plugins/wp-review-pro/',
    Line 3750: 'info_link' => 'https://mythemeshop.com/plugins/wp-subscribe-pro/',
    Line 3761: 'info_link' => 'https://mythemeshop.com/plugins/wp-notification-bar/',
    Line 3770: 'info_link' => 'https://mythemeshop.com/plugins/wp-mega-menu/',
    Line 3790: 'info_link' => 'https://mythemeshop.com/plugins/my-wp-backup-pro/',
    Line 4163: $author      = isset( $plugin['author'] ) ? $plugin['author'] : '<a href='https://mythemeshop.com'>MyThemeShop</a>';
    Line 4187: $author      = isset( $info['author'] ) ? $info['author'] : '<a href='https://mythemeshop.com'>MyThemeShop</a>';
    Possible hard-coded links were found in the file widget-tweets.php.
    Line 38: echo '<strong>'.$tweets->errors[0]->message.'!</strong><br />'. esc_html( 'You\'ll need to regenerate it <a href='https://dev.twitter.com/apps' target='_blank'>here</a>!', 'framework' ) . $
    Line 91: echo '</select></p><p>Visit <a href='https://dev.twitter.com/apps/' target='_blank'>this link</a> in a new tab, 
    Line 91: echo '</select></p><p>Visit <a href='https://dev.twitter.com/apps/' target='_blank'>this link</a> in a new tab, 
  3. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  4. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  5. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  6. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  7. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  8. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  9. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  10. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  11. Optional files : Presence of search results template file search.phpThis theme does not contain optional file search.php.
  12. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  13. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  14. Use of includes : Use of include or requireThe theme appears to use include or require : theme-options.php
    Line 7: require_once( dirname( __FILE__ ) . '/options/options.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : options.php
    Line 279: require_once($this->dir.'fields/'.$field['type'].'/field_'.$field['type'].'
    Line 518: require_once($this->dir.'validation/'.$field['validate'].'/validation_'.$fi
    Line 888: require_once($this->dir.'fields/'.$field['type'].'/field_'.$field['type'].'
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : plugin-activation.php
    Line 4054: include( ABSPATH . 'wp-admin/includes/plugin-install.php' );
    Line 4223: include( ABSPATH . 'wp-admin/includes/plugin-install.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : widget-tweets.php
    Line 29: //require_once('twitteroauth.php');
    Line 31: if(!require_once('twitteroauth.php')){ echo '<strong>Couldn\'t find twitteroaut
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.

This is a ThemeForest theme. Since Themeforest items are all checked by a human before they appear on their website, ThemeForest verification rules are more permissive than themecheck's and can give a better verification score ( Themeforest requirements ).

52
Critical alerts
  1. WPScan Vulnerability Database : This theme is vulnerable to security breach "Site5 Wordpress Themes Email Spoofing"
    More on Wordpress Vulnerability Scanner site : https://wpvulndb.com/vulnerabilities/7354
  2. Title : Title No reference to add_theme_support( "title-tag" ) was found in the theme.The theme needs to have <title> tags, ideally in the header.php file.The theme needs to have a call to wp_title(), ideally in the header.php file.
Warning
  1. theme tags : Presence of bad theme tagsFound wrong tag in style.css header.
  2. Text domain : Incorrect use of translation functions.Found a translation function that has an incorrect number of arguments. Function __, with the arguments '&larr; ', Older posts, 'mythemeshop' in file archive.php.Found a translation function that has an incorrect number of arguments. Function __, with the arguments 'Newer posts', &rarr;, 'mythemeshop' in file archive.php.Found a translation function that has an incorrect number of arguments. Function __, with the arguments '&larr; ', Older posts, 'mythemeshop' in file index.php.Found a translation function that has an incorrect number of arguments. Function __, with the arguments 'Newer posts', &rarr;, 'mythemeshop' in file index.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are mythemeshop, Older posts, &rarr;, nhp-opts, framework, tgmpa.
  3. CSS files : Presence of license typeLicense: is missing from style.css header.
  4. CSS files : Presence of license urlLicense URI: is missing from style.css header.
  5. CSS files : Presence of text domainText Domain: is missing from your style.css header.
  6. CSS files : Presence of .screen-reader-text class.screen-reader-text css class is needed in your theme css. See : the Codex for an example implementation.
  7. Date and time implementation : Use of the_time()At least one hard coded date was found in the file archive.php. Function get_option( 'date_format' ) should be used instead.
  8. Screenshot : Screenshot fileScreenshot size is 300x225px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. favicon presence : Favicon managementPossible Favicon found in theme-actions.php. Favicons are handled by the Site Icon setting in the customizer since version 4.3.
  2. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file theme-options.php.
    Line 121: 'content' => __('<p>If you are facing any problem with our theme or theme option panel, head over to our <a href='http://community.mythemeshop.com'>Support Forum</a></p>', 'nhp-opts')
    Line 126: 'content' => __('<p>Options Panel created using the <a href='http://leemason.github.com/NHP-Theme-Options-Framework/' target='_blank'>NH
    Line 131: 'content' => __('<p>Earn 50% commision on every sale by refering your friends and readers. Join our <a href='http://mythemeshop.com/affiliate-program/'>Affiliate Program</a>.</p>', 'nh
    Line 157: 'sub_desc' => __('Upload a <strong>16 x 16 px</strong> image that will represent your website\'s favicon. You can refer to this link for more information on how to make it: <a href='http://www.favicon.cc/' target='blank' rel='nofollow'>http://www.favicon.cc
    Line 131: 'content' => __('<p>Earn 50% commision on every sale by refering your friends and readers. Join our <a href='http://mythemeshop.com/affiliate-program/'>Affiliate Program</a>.</p>', 'nh
    Line 183: 'std' => '<a href=''.get_bloginfo('url').'/' title=''.get_bloginfo('description').'' rel='nofollow'>'.get_bloginfo('name').'</a> Copyright &copy; '.date('Y').'. Theme by <a href='http://mythemeshop.com/' target='_blank'>MyThemeShop</a>.'
    Possible hard-coded links were found in the file options.php.
    Line 584: echo '<a href='http://mythemeshop.com' id='optionpanellogo' class='logo' target='_blank'><
    Line 588: echo '<a href='http://community.mythemeshop.com/' class='docsupport' target='_blank'><img 
    Possible hard-coded links were found in the file welcome-message.php.
    Line 25: $pointer_content .= '<p>If you face any problem, feel free to <a href='http://community.mythemeshop.com/'>contact us</a></p>';
    Possible hard-coded links were found in the file plugin-activation.php.
    Line 3722: 'source'    => 'https://mythemeshop.com/mythemeshop-connect.zip',
    Line 3739: 'info_link' => 'https://mythemeshop.com/plugins/wp-review-pro/',
    Line 3750: 'info_link' => 'https://mythemeshop.com/plugins/wp-subscribe-pro/',
    Line 3761: 'info_link' => 'https://mythemeshop.com/plugins/wp-notification-bar/',
    Line 3770: 'info_link' => 'https://mythemeshop.com/plugins/wp-mega-menu/',
    Line 3790: 'info_link' => 'https://mythemeshop.com/plugins/my-wp-backup-pro/',
    Line 4163: $author      = isset( $plugin['author'] ) ? $plugin['author'] : '<a href='https://mythemeshop.com'>MyThemeShop</a>';
    Line 4187: $author      = isset( $info['author'] ) ? $info['author'] : '<a href='https://mythemeshop.com'>MyThemeShop</a>';
    Line 3722: 'source'    => 'https://mythemeshop.com/mythemeshop-connect.zip',
    Line 3739: 'info_link' => 'https://mythemeshop.com/plugins/wp-review-pro/',
    Line 3750: 'info_link' => 'https://mythemeshop.com/plugins/wp-subscribe-pro/',
    Line 3761: 'info_link' => 'https://mythemeshop.com/plugins/wp-notification-bar/',
    Line 3770: 'info_link' => 'https://mythemeshop.com/plugins/wp-mega-menu/',
    Line 3790: 'info_link' => 'https://mythemeshop.com/plugins/my-wp-backup-pro/',
    Line 4163: $author      = isset( $plugin['author'] ) ? $plugin['author'] : '<a href='https://mythemeshop.com'>MyThemeShop</a>';
    Line 4187: $author      = isset( $info['author'] ) ? $info['author'] : '<a href='https://mythemeshop.com'>MyThemeShop</a>';
    Possible hard-coded links were found in the file widget-tweets.php.
    Line 38: echo '<strong>'.$tweets->errors[0]->message.'!</strong><br />'. esc_html( 'You\'ll need to regenerate it <a href='https://dev.twitter.com/apps' target='_blank'>here</a>!', 'framework' ) . $
    Line 91: echo '</select></p><p>Visit <a href='https://dev.twitter.com/apps/' target='_blank'>this link</a> in a new tab, 
    Line 91: echo '</select></p><p>Visit <a href='https://dev.twitter.com/apps/' target='_blank'>this link</a> in a new tab, 
  3. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  4. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  5. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  6. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  7. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  8. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  9. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  10. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  11. Optional files : Presence of search results template file search.phpThis theme does not contain optional file search.php.
  12. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  13. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  14. Use of includes : Use of include or requireThe theme appears to use include or require : theme-options.php
    Line 7: require_once( dirname( __FILE__ ) . '/options/options.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : options.php
    Line 279: require_once($this->dir.'fields/'.$field['type'].'/field_'.$field['type'].'
    Line 518: require_once($this->dir.'validation/'.$field['validate'].'/validation_'.$fi
    Line 888: require_once($this->dir.'fields/'.$field['type'].'/field_'.$field['type'].'
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : plugin-activation.php
    Line 4054: include( ABSPATH . 'wp-admin/includes/plugin-install.php' );
    Line 4223: include( ABSPATH . 'wp-admin/includes/plugin-install.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : widget-tweets.php
    Line 29: //require_once('twitteroauth.php');
    Line 31: if(!require_once('twitteroauth.php')){ echo '<strong>Couldn\'t find twitteroaut
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes