0
Validation results

Houzez

Houzez

WordPress 4.7.3 theme
0
Critical alerts
  1. Security breaches : Use of PHP sytem calls Found passthru in file build.php.
    Ligne23: passthru(
  2. Security breaches : Use of base64_decode() Found base64_decode in file cron-functions.php.
    Ligne209: $arguments = unserialize( base64_decode( $houzez_saved_search->query ) );
    Found base64_decode in file search-list.php.
    Ligne6: $search_args_decoded = unserialize( base64_decode( $search_args ) );
    Found base64_decode in file OAuth.php.
    Ligne202: $decoded_sig = base64_decode($signature);
    Found base64_decode in file yelpoauth.php.
    Ligne207: $decoded_sig = base64_decode( $signature );
  3. Security breaches : Use of base64_encode() Found base64_encode in file property_functions.php.
     $encoded_query = base64_encode( serialize( $query_args->query ) );
    Found base64_encode in file save-search.php.
     <input type='hidden' name='search_args' value='<?php print base64_encode( serialize( $search_qry ) ); ?>'>
    Found base64_encode in file OAuth.php.
     return base64_encode(hash_hmac('sha1', $base_string, $key, true));
     return base64_encode($signature);
    Found base64_encode in file yelpoauth.php.
     return base64_encode( hash_hmac( 'sha1', $base_string, $key, true ) );
     return base64_encode( $signature );
  4. Malware : Operations on file system file_put_contents was found in the file 02-webhook-verification.php
    Ligne60: file_put_contents($database, $status);
    file_put_contents was found in the file 10-oauth-new-payment.php
    Ligne83: file_put_contents($database, $status);
    file_put_contents was found in the file 12-new-customer-payment.php
    Ligne68: file_put_contents($database, $status);
    file_put_contents was found in the file 01-new-payment.php
    Ligne70: file_put_contents($database, $status);
    file_put_contents was found in the file 04-ideal-payment.php
    Ligne94: file_put_contents($database, $status);
    file_get_contents was found in the file 03-return-page.php
    Ligne35: $status  = @file_get_contents($database);
    file_put_contents was found in the file 14-recurring-first-payment.php
    Ligne74: file_put_contents($database, $status);
    fopen was found in the file FileUploadTest.php
    Ligne9: $fp = fopen(dirname(__FILE__).'/../data/test.png', 'r');
    fclose was found in the file FileUploadTest.php
    Ligne17: fclose($fp);
    file_get_contents was found in the file build.php
    Ligne10: $composer = json_decode(file_get_contents('composer.json'), true);
    file_put_contents was found in the file build.php
    Ligne13: file_put_contents('composer.json', json_encode($composer));
    file_get_contents was found in the file OAuth.php
    Ligne272: file_get_contents(self::$POST_INPUT)
    file_get_contents was found in the file yelpoauth.php
    Ligne278: file_get_contents( self::$POST_INPUT )
    file_get_contents was found in the file template-paypal-ipn.php
    Ligne23: $raw_post_data = file_get_contents('php://input');
    file_get_contents was found in the file template-stripe-charge.php
    Ligne34: $input = @file_get_contents('php://input');
  5. Malware : Network operations curl_init was found in the file Client.php
    Ligne338: $this->ch = curl_init();
    curl_exec was found in the file Client.php
    Ligne389: $body = curl_exec($this->ch);
    Ligne400: $body = curl_exec($this->ch);
    curl_exec was found in the file Client.php
    Ligne389: $body = curl_exec($this->ch);
    Ligne400: $body = curl_exec($this->ch);
    curl_init was found in the file WalkScore.php
    Ligne37: $curlHandler = curl_init();
    curl_exec was found in the file WalkScore.php
    Ligne42: curl_exec($curlHandler);
    curl_init was found in the file class.paypal.recurring.php
    Ligne61: $ch = curl_init();
    Ligne161: $ch = curl_init();
    Ligne237: $ch = curl_init();
    Ligne309: $ch = curl_init();
    curl_exec was found in the file class.paypal.recurring.php
    Ligne79: $httpResponse = curl_exec($ch);
    Ligne179: $httpResponse = curl_exec($ch);
    Ligne255: $httpResponse = curl_exec($ch);
    Ligne328: $httpResponse = curl_exec($ch);
    curl_init was found in the file class.paypal.recurring.php
    Ligne61: $ch = curl_init();
    Ligne161: $ch = curl_init();
    Ligne237: $ch = curl_init();
    Ligne309: $ch = curl_init();
    curl_exec was found in the file class.paypal.recurring.php
    Ligne79: $httpResponse = curl_exec($ch);
    Ligne179: $httpResponse = curl_exec($ch);
    Ligne255: $httpResponse = curl_exec($ch);
    Ligne328: $httpResponse = curl_exec($ch);
    curl_init was found in the file class.paypal.recurring.php
    Ligne61: $ch = curl_init();
    Ligne161: $ch = curl_init();
    Ligne237: $ch = curl_init();
    Ligne309: $ch = curl_init();
    curl_exec was found in the file class.paypal.recurring.php
    Ligne79: $httpResponse = curl_exec($ch);
    Ligne179: $httpResponse = curl_exec($ch);
    Ligne255: $httpResponse = curl_exec($ch);
    Ligne328: $httpResponse = curl_exec($ch);
    curl_init was found in the file class.paypal.recurring.php
    Ligne61: $ch = curl_init();
    Ligne161: $ch = curl_init();
    Ligne237: $ch = curl_init();
    Ligne309: $ch = curl_init();
    curl_exec was found in the file class.paypal.recurring.php
    Ligne79: $httpResponse = curl_exec($ch);
    Ligne179: $httpResponse = curl_exec($ch);
    Ligne255: $httpResponse = curl_exec($ch);
    Ligne328: $httpResponse = curl_exec($ch);
    curl_init was found in the file helper_functions.php
    Ligne3756: $ch = curl_init($signed_url);
    curl_exec was found in the file helper_functions.php
    Ligne3759: $data = curl_exec($ch); // Yelp response
    curl_init was found in the file TwocheckoutApi.php
    Ligne24: $ch = curl_init($url);
    curl_exec was found in the file TwocheckoutApi.php
    Ligne46: $resp = curl_exec($ch);
    curl_init was found in the file CurlClient.php
    Ligne80: $curl = curl_init();
    curl_exec was found in the file CurlClient.php
    Ligne156: $rbody = curl_exec($curl);
    Ligne174: $rbody = curl_exec($curl);
    curl_exec was found in the file CurlClient.php
    Ligne156: $rbody = curl_exec($curl);
    Ligne174: $rbody = curl_exec($curl);
    curl_init was found in the file twitteroauth.php
    Ligne203: $ci = curl_init();
    curl_exec was found in the file twitteroauth.php
    Ligne229: $response = curl_exec($ci);
    curl_init was found in the file template-paypal-ipn.php
    Ligne64: $ch = curl_init($paypal_url);
    curl_exec was found in the file template-paypal-ipn.php
    Ligne89: $res = curl_exec($ch);
  6. Admin menu : Themes should use add_theme_page() for adding admin pages. File fave-options.php :
    Ligne88: // For a full list of options, visit: http://codex.wordpress.org/Function_Reference/add_submenu_page#Parameters
  7. Hidden admin bar : Hidden admin Bar Themes should not hide admin bar. Detected in file : functions.php.
  8. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was houzez-theme-functionality.zip revslider.zip houzez-login-register.zip js_composer.zip houzez-advanced-search.php.zip.
Warning
  1. Text domain : Incorrect use of translation functions.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are tgmpa, houzez.
  2. Cdn : Use of CDNFound the URL of a CDN in the code: code.jquery.com/jquery-. CSS or Javascript resources should not be loaded from a CDN. These resources should be bundled with the theme.
  3. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  4. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  5. Editor style : Presence of editor styleNo reference to add_editor_style() was found in the theme. It is recommended that the theme implements editor styling, so as to make the editor content match the resulting post output in the theme, for a better user experience.
  6. Date and time implementation : Use of date_i18n()At least one hard coded date was found in the file property-expirator.php. Function get_option( 'date_format' ) should be used instead.
  7. Screenshot : Screenshot fileScreenshot size is 880x660px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. favicon presence : Favicon managementPossible Favicon found in favicon-apple-icons.php. Favicons are handled by the Site Icon setting in the customizer since version 4.3.
  2. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file houzez-flickr-photos.php.
    Ligne152: <label for='<?php echo esc_attr( $this->get_field_id( 'userid' ) ); ?>'><?php esc_html_e( 'Flickr ID', 'houzez' ); ?>:</label> <small><a href='http://idgettr.com/' target='_blank'><?php esc_html_e( 'What\'s my Flickr I
  3. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  4. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  5. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  6. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  7. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  8. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  9. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  10. Optional files : Presence of search results template file search.phpThis theme does not contain optional file search.php.
  11. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  12. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  13. Use of includes : Use of include or requireThe theme appears to use include or require : 02-webhook-verification.php
    Ligne12: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : 09-oauth-list-settlements.php
    Ligne11: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : 05-payments-history.php
    Ligne13: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : 17-cancel-subscription.php
    Ligne11: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : 10-oauth-new-payment.php
    Ligne11: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : 15-recurring-payment.php
    Ligne11: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : 21-reset-apikey.php
    Ligne11: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : 12-new-customer-payment.php
    Ligne11: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : 16-recurring-subscription.php
    Ligne11: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : 01-new-payment.php
    Ligne13: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : 20-list-apikeys.php
    Ligne11: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : 18-update-customer.php
    Ligne11: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : 08-oauth-list-profiles.php
    Ligne11: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : 11-new-customer.php
    Ligne11: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : 04-ideal-payment.php
    Ligne13: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : 13-customer-payments-history.php
    Ligne13: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : 06-list-activated-methods.php
    Ligne13: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : 07-refund-payment.php
    Ligne12: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : 19-update-profile.php
    Ligne11: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : 14-recurring-first-payment.php
    Ligne11: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : db-update.php
    Ligne31: require_once( ABSPATH . 'wp-admin/includes/upgrade.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : membership-functions.php
    Ligne169: require_once( get_template_directory() . '/framework/2checkout/lib/Twocheck
    Ligne460: require_once( get_template_directory() . '/framework/2checkout/lib/Twocheck
    Ligne738: require_once( get_template_directory() . '/framework/stripe-php/init.php' )
    Ligne783: require_once( get_template_directory() . '/framework/stripe-php/init.php' )
    Ligne851: require_once( get_template_directory() . '/framework/stripe-php/init.php' )
    Ligne919: require_once( get_template_directory() . '/framework/stripe-php/init.php' )
    Ligne1068: require_once( get_template_directory() . '/framework/mollie-api-php/src/Mol
    Ligne1998: require( get_template_directory() . '/framework/paypal-recurring/class.payp
    Ligne2272: require_once( get_template_directory() . '/framework/stripe-php/init.php' )
    Ligne2306: require_once( get_template_directory() . '/framework/stripe-php/init.php' )
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : Twocheckout.php
    Ligne55: require(dirname(__FILE__) . '/Twocheckout/Api/TwocheckoutAccount.php');
    Ligne56: require(dirname(__FILE__) . '/Twocheckout/Api/TwocheckoutPayment.php');
    Ligne57: require(dirname(__FILE__) . '/Twocheckout/Api/TwocheckoutApi.php');
    Ligne58: require(dirname(__FILE__) . '/Twocheckout/Api/TwocheckoutSale.php');
    Ligne59: require(dirname(__FILE__) . '/Twocheckout/Api/TwocheckoutProduct.php');
    Ligne60: require(dirname(__FILE__) . '/Twocheckout/Api/TwocheckoutCoupon.php');
    Ligne61: require(dirname(__FILE__) . '/Twocheckout/Api/TwocheckoutOption.php');
    Ligne62: require(dirname(__FILE__) . '/Twocheckout/Api/TwocheckoutUtil.php');
    Ligne63: require(dirname(__FILE__) . '/Twocheckout/Api/TwocheckoutError.php');
    Ligne64: require(dirname(__FILE__) . '/Twocheckout/TwocheckoutReturn.php');
    Ligne65: require(dirname(__FILE__) . '/Twocheckout/TwocheckoutNotification.php');
    Ligne66: require(dirname(__FILE__) . '/Twocheckout/TwocheckoutCharge.php');
    Ligne67: require(dirname(__FILE__) . '/Twocheckout/TwocheckoutMessage.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : init.php
    Ligne4: require(dirname(__FILE__) . '/lib/Stripe.php');
    Ligne7: require(dirname(__FILE__) . '/lib/Util/AutoPagingIterator.php');
    Ligne8: require(dirname(__FILE__) . '/lib/Util/RequestOptions.php');
    Ligne9: require(dirname(__FILE__) . '/lib/Util/Set.php');
    Ligne10: require(dirname(__FILE__) . '/lib/Util/Util.php');
    Ligne13: require(dirname(__FILE__) . '/lib/HttpClient/ClientInterface.php');
    Ligne14: require(dirname(__FILE__) . '/lib/HttpClient/CurlClient.php');
    Ligne17: require(dirname(__FILE__) . '/lib/Error/Base.php');
    Ligne18: require(dirname(__FILE__) . '/lib/Error/Api.php');
    Ligne19: require(dirname(__FILE__) . '/lib/Error/ApiConnection.php');
    Ligne20: require(dirname(__FILE__) . '/lib/Error/Authentication.php');
    Ligne21: require(dirname(__FILE__) . '/lib/Error/Card.php');
    Ligne22: require(dirname(__FILE__) . '/lib/Error/InvalidRequest.php');
    Ligne23: require(dirname(__FILE__) . '/lib/Error/RateLimit.php');
    Ligne26: require(dirname(__FILE__) . '/lib/ApiResponse.php');
    Ligne27: require(dirname(__FILE__) . '/lib/JsonSerializable.php');
    Ligne28: require(dirname(__FILE__) . '/lib/StripeObject.php');
    Ligne29: require(dirname(__FILE__) . '/lib/ApiRequestor.php');
    Ligne30: require(dirname(__FILE__) . '/lib/ApiResource.php');
    Ligne31: require(dirname(__FILE__) . '/lib/SingletonApiResource.php');
    Ligne32: require(dirname(__FILE__) . '/lib/AttachedObject.php');
    Ligne33: require(dirname(__FILE__) . '/lib/ExternalAccount.php');
    Ligne36: require(dirname(__FILE__) . '/lib/Account.php');
    Ligne37: require(dirname(__FILE__) . '/lib/AlipayAccount.php');
    Ligne38: require(dirname(__FILE__) . '/lib/ApplicationFee.php');
    Ligne39: require(dirname(__FILE__) . '/lib/ApplicationFeeRefund.php');
    Ligne40: require(dirname(__FILE__) . '/lib/Balance.php');
    Ligne41: require(dirname(__FILE__) . '/lib/BalanceTransaction.php');
    Ligne42: require(dirname(__FILE__) . '/lib/BankAccount.php');
    Ligne43: require(dirname(__FILE__) . '/lib/BitcoinReceiver.php');
    Ligne44: require(dirname(__FILE__) . '/lib/BitcoinTransaction.php');
    Ligne45: require(dirname(__FILE__) . '/lib/Card.php');
    Ligne46: require(dirname(__FILE__) . '/lib/Charge.php');
    Ligne47: require(dirname(__FILE__) . '/lib/Collection.php');
    Ligne48: require(dirname(__FILE__) . '/lib/CountrySpec.php');
    Ligne49: require(dirname(__FILE__) . '/lib/Coupon.php');
    Ligne50: require(dirname(__FILE__) . '/lib/Customer.php');
    Ligne51: require(dirname(__FILE__) . '/lib/Dispute.php');
    Ligne52: require(dirname(__FILE__) . '/lib/Event.php');
    Ligne53: require(dirname(__FILE__) . '/lib/FileUpload.php');
    Ligne54: require(dirname(__FILE__) . '/lib/Invoice.php');
    Ligne55: require(dirname(__FILE__) . '/lib/InvoiceItem.php');
    Ligne56: require(dirname(__FILE__) . '/lib/Order.php');
    Ligne57: require(dirname(__FILE__) . '/lib/OrderReturn.php');
    Ligne58: require(dirname(__FILE__) . '/lib/Plan.php');
    Ligne59: require(dirname(__FILE__) . '/lib/Product.php');
    Ligne60: require(dirname(__FILE__) . '/lib/Recipient.php');
    Ligne61: require(dirname(__FILE__) . '/lib/Refund.php');
    Ligne62: require(dirname(__FILE__) . '/lib/SKU.php');
    Ligne63: require(dirname(__FILE__) . '/lib/Subscription.php');
    Ligne64: require(dirname(__FILE__) . '/lib/Token.php');
    Ligne65: require(dirname(__FILE__) . '/lib/Transfer.php');
    Ligne66: require(dirname(__FILE__) . '/lib/TransferReversal.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : twitteroauth.php
    Ligne11: require_once('OAuth.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : template-thankyou.php
    Ligne198: require( get_template_directory() . '/framework/paypal-recurring/class.payp
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : template-stripe-charge.php
    Ligne10: require_once( get_template_directory() . '/framework/stripe-php/init.php' )
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : template-mollie.php
    Ligne10: require_once( get_template_directory() . '/framework/mollie-api-php/src/Mol
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : template-2checkout.php
    Ligne29: require_once( get_template_directory() . '/framework/2checkout/lib/Twocheck
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes