0
Validation results

The7.2

The7.2

WordPress 4.9.1 theme
0
Critical alerts
  1. Title : Title The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.
  2. Security breaches : Use of base64_decode() Found base64_decode in file options-framework.php.
    Ligne498: $import_options = @unserialize(@base64_decode($input['import_export']));
    Found base64_decode in file button.php.
    Ligne71: $attributes['icon'] = wp_kses( rawurldecode( base64_decode( $attributes['icon'] ) ), array( 'i' => array( 'class' => arr
  3. Security breaches : Use of base64_encode() Found base64_encode in file options-interface.php.
     $val = base64_encode( serialize( $valid_settings ) );
  4. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe src="' . esc_url($src) . '" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" width="500" height="' . $height . '"> in file map.php.
    Ligne82: $output = '<div class='' . esc_attr( $classes ) . '' style='' . esc_attr( $style ) . ''><iframe src='' . esc_url($src) . '' frameborder='0' marginwidth='0' marginh
    Found <iframe src="http://www.facebook.com/plugins/like.php?href=' . $url . '&amp;layout=' . $type . '&amp;show_faces=false&amp;action=like&amp;colorscheme=light" scrolling="no" frameborder="0" allowTransparency="true"> in file vc_facebook.php.
  5. Malware : Operations on file system fwrite was found in the file InputTest.php
    Ligne8: fwrite(STDOUT, print_r($value, true));
    file_get_contents was found in the file InputTest.php
    Ligne45: $input = file_get_contents($inFname);
    Ligne46: $output = file_get_contents($outFname);
    Ligne58: $css = $this->less->parse(file_get_contents($inFname));
    file_get_contents was found in the file InputTest.php
    Ligne45: $input = file_get_contents($inFname);
    Ligne46: $output = file_get_contents($outFname);
    Ligne58: $css = $this->less->parse(file_get_contents($inFname));
    file_get_contents was found in the file InputTest.php
    Ligne45: $input = file_get_contents($inFname);
    Ligne46: $output = file_get_contents($outFname);
    Ligne58: $css = $this->less->parse(file_get_contents($inFname));
    file_put_contents was found in the file InputTest.php
    Ligne59: file_put_contents(self::outputNameFor($inFname), $css);
    file_get_contents was found in the file sort.php
    Ligne56: echo $less->parse(file_get_contents($fname));
    file_get_contents was found in the file lessc.inc.php
    Ligne121: $root = $parser->parse(file_get_contents($realPath));
    Ligne1851: $out = $this->compile(file_get_contents($fname), $fname);
    fwrite was found in the file lessc.inc.php
    Ligne708: // fwrite(STDERR,'failed to find block: '.implode(' > ', $path).'\n');
    file_get_contents was found in the file lessc.inc.php
    Ligne121: $root = $parser->parse(file_get_contents($realPath));
    Ligne1851: $out = $this->compile(file_get_contents($fname), $fname);
    file_put_contents was found in the file lessc.inc.php
    Ligne1856: return file_put_contents($outFname, $out);
    file_put_contents was found in the file Compiler.class.php
    Ligne132: if ( false === file_put_contents( $stylesheet->getTargetPath(), apply_filters('wp-less_sty
    file_get_contents was found in the file Stylesheet.class.php
    Ligne121: return apply_filters('wp-less_stylesheet_source_content', file_get_contents($this->source_path));
    file_get_contents was found in the file icons-bar.class.php
    Ligne66: $json = file_get_contents( $this->fontello_json_path, 0, null, null );
  6. Admin menu : Themes should use add_theme_page() for adding admin pages. File options-framework.php :
    Ligne258: $main_page = add_menu_page( $main_menu_item['menu_title'], $main_menu_item['main_title']
    File options-framework.php :
    Ligne267: $subpage = add_submenu_page(
    File class-tgm-plugin-activation.php :
    Ligne377: add_submenu_page( $args['parent_slug'], $args['page_title'], $args['menu_ti
  7. Deprecated functions : get_currentuserinfo get_currentuserinfo found in file simple-login.php. Deprecated since version 4.5. Use wp_get_current_user instead.
    Ligne106: get_currentuserinfo();
  8. Deprecated functions : get_bloginfo get_bloginfo('url') was found in the file wpml-integration.php. Use home_url() instead.
    Ligne17: // - get_bloginfo('url')
  9. Deprecated functions : bloginfo bloginfo('home') was found in the file wpml-integration.php. Use echo esc_url( home_url() ) instead.
    Ligne15: // - bloginfo('home')
    bloginfo('url') was found in the file wpml-integration.php. Use echo esc_url( home_url() ) instead.
    Ligne16: // - bloginfo('url')
    Ligne17: // - get_bloginfo('url')
  10. Deprecated functions : get_option get_option('home') was found in the file wpml-integration.php. Use home_url() instead.
    Ligne14: // - get_option('home')
  11. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was ultimate_vc_addons.zip go_pricing.zip layerslider.zip revslider.zip dt-dummy.zip js_composer.zip.
Warning
  1. special URIs : Presence of bad theme tagsTheme URI and Author URI should not be the same.
  2. theme tags : Presence of bad theme tagsThe tag flexible-width has been deprecated, it must be removed from style.css header.
  3. Text domain : Incorrect use of translation functions.Wrong installation directory for the theme name. The directory name must match the slug of the theme. This theme's correct slug and text-domain is the7-2.
  4. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments 'the7mk2' in file shipping-calculator.php.Found a translation function that is missing a text-domain. Function _x, with the arguments 'Empty atachments' in file metabox-fields.php.Found a translation function that is missing a text-domain. Function _x, with the arguments 'Icons Bar', 'admin icons bar' in file icons-bar.class.php.Found a translation function that is missing a text-domain. Function _x, with the arguments 'Icons', 'admin icons bar' in file icons-bar.class.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'This theme requires the following plugin: %1$s.', 'This theme requires the following plugins: %1$s.' in file class-tgm-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'This theme recommends the following plugin: %1$s.', 'This theme recommends the following plugins: %1$s.' in file class-tgm-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to install the %s plugin. Contact the administrator of this site for help on getting the plugin installed.', 'Sorry, but you do not have the correct permissions to install the %s plugins. Contact the administrator of this site for help on getting the plugins installed.' in file class-tgm-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following required plugin is currently inactive: %1$s.', 'The following required plugins are currently inactive: %1$s.' in file class-tgm-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following recommended plugin is currently inactive: %1$s.', 'The following recommended plugins are currently inactive: %1$s.' in file class-tgm-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to activate the %s plugin. Contact the administrator of this site for help on getting the plugin activated.', 'Sorry, but you do not have the correct permissions to activate the %s plugins. Contact the administrator of this site for help on getting the plugins activated.' in file class-tgm-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following plugin needs to be updated to its latest version to ensure maximum compatibility with this theme: %1$s.', 'The following plugins need to be updated to their latest version to ensure maximum compatibility with this theme: %1$s.' in file class-tgm-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to update the %s plugin. Contact the administrator of this site for help on getting the plugin updated.', 'Sorry, but you do not have the correct permissions to update the %s plugins. Contact the administrator of this site for help on getting the plugins updated.' in file class-tgm-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Begin installing plugin', 'Begin installing plugins' in file class-tgm-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Begin activating plugin', 'Begin activating plugins' in file class-tgm-plugin-activation.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Install Required Plugins' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Install Plugins' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Installing Plugin: %s' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Something went wrong with the plugin API.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'This theme requires the following plugin: %1$s.', 'This theme requires the following plugins: %1$s.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'This theme recommends the following plugin: %1$s.', 'This theme recommends the following plugins: %1$s.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to install the %s plugin. Contact the administrator of this site for help on getting the plugin installed.', 'Sorry, but you do not have the correct permissions to install the %s plugins. Contact the administrator of this site for help on getting the plugins installed.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following required plugin is currently inactive: %1$s.', 'The following required plugins are currently inactive: %1$s.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following recommended plugin is currently inactive: %1$s.', 'The following recommended plugins are currently inactive: %1$s.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to activate the %s plugin. Contact the administrator of this site for help on getting the plugin activated.', 'Sorry, but you do not have the correct permissions to activate the %s plugins. Contact the administrator of this site for help on getting the plugins activated.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following plugin needs to be updated to its latest version to ensure maximum compatibility with this theme: %1$s.', 'The following plugins need to be updated to their latest version to ensure maximum compatibility with this theme: %1$s.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to update the %s plugin. Contact the administrator of this site for help on getting the plugin updated.', 'Sorry, but you do not have the correct permissions to update the %s plugins. Contact the administrator of this site for help on getting the plugins updated.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Begin installing plugin', 'Begin installing plugins' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Activate installed plugin', 'Activate installed plugins' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Return to Required Plugins Installer' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Plugin activated successfully.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'All plugins installed and activated successfully. %s' in file tgm-plugin-setup.php.Found a translation function that has an incorrect number of arguments. Function __, with the arguments 'None', backend, 'the7mk2' in file admin-functions.php.Found a translation function that is missing a text-domain. Function __, with the arguments '%s (Invalid)' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function __, with the arguments '%s (Pending)' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'sub item' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments 'Move up' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments 'Move down' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments 'Edit Menu Item' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Edit Menu Item' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'URL' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Navigation Label' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Title Attribute' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Open link in a new window/tab' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'CSS Classes (optional)' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Link Relationship (XFN)' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Description' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'The description will be displayed in the menu if the current theme supports it.' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Move' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Up one' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Down one' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'To the top' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Original: %s' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Remove' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Cancel' in file edit-menu-walker.class.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are the7mk2, rwmb, tgmpa, envato, backend, woocommerce.
  5. Cdn : Use of CDNFound the URL of a CDN in the code: html5shiv.googlecode.com/svn/trunk/html5.js. CSS or Javascript resources should not be loaded from a CDN. These resources should be bundled with the theme.
  6. Plugin territory : Plugin territory functionalitiesThe theme uses the register_post_type() function, which is plugin-territory functionality.The theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  7. Hidden admin bar : Hidden admin Bar in CSSThemes should not hide admin bar. Detected in file admin-stylesheet.css.
  8. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  9. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  10. I18N implementation : Proper use of _e(Possible variable $str found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $arg found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $items found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $string found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $val found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $newUnit found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $res found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $key found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $part found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables.
  11. I18N implementation : Proper use of ___all(Possible variable $cvalue found in translation function in shipping-calculator.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in tgm-plugin-setup.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in tgm-plugin-setup.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in tgm-plugin-setup.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in tgm-plugin-setup.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in tgm-plugin-setup.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in tgm-plugin-setup.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in tgm-plugin-setup.php. Translation function calls should not contain PHP variables.
  12. I18N implementation : Proper use of _x(Possible variable $value found in translation function in options-sanitize.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in icons-bar.class.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in icons-bar.class.php. Translation function calls should not contain PHP variables. Possible variable $opts found in translation function in options-buttons.php. Translation function calls should not contain PHP variables.
  13. Featured image : Use of the_post_thumbnail() instead of custom fields for thumbnailsNo reference to the_post_thumbnail was found in the theme.
  14. Screenshot : Screenshot fileScreenshot size is 600x450px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. favicon presence : Favicon managementPossible Favicon found in core-functions.php. Favicons are handled by the Site Icon setting in the customizer since version 4.3.
  2. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file bottom-bar.php.
    Ligne57: echo '&nbsp;Dream-Theme &mdash; truly <a href='http://dream-theme.com' target='_blank'>premium WordPress themes</a>';
  3. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  4. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  5. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  6. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  7. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  8. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  9. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  10. Use of includes : Use of include or requireThe theme appears to use include or require : meta-box.php
    Ligne15: require_once( PRESSCORE_EXTENSIONS_DIR . '/custom-meta-boxes/override-field
    Ligne21: require_once( RWMB_DIR . 'meta-box.php' );
    Ligne27: require_once( PRESSCORE_EXTENSIONS_DIR . '/custom-meta-boxes/metabox-fields
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : lessify.inc.php
    Ligne13: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : options-custom.php
    Ligne223: include_once( $file );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : post-types.php
    Ligne1369: require_once( PRESSCORE_EXTENSIONS_DIR . '/aq_resizer.php' );
    Ligne1375: require_once( PRESSCORE_DIR . '/helpers.php' );
    Ligne1381: require_once( PRESSCORE_DIR . '/template-hooks.php' );
    Ligne1387: require_once( PRESSCORE_EXTENSIONS_DIR . '/dt-pagination.php' );
    Ligne1395: require_once( PRESSCORE_EXTENSIONS_DIR . '/mobile-detect.php' );
    Ligne1529: require_once( PRESSCORE_EXTENSIONS_DIR . '/aq_resizer.php' );
    Ligne1535: require_once( PRESSCORE_DIR . '/helpers.php' );
    Ligne1541: require_once( PRESSCORE_DIR . '/template-hooks.php' );
    Ligne1547: require_once( PRESSCORE_EXTENSIONS_DIR . '/dt-pagination.php' );
    Ligne1555: require_once( PRESSCORE_EXTENSIONS_DIR . '/mobile-detect.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : blog-categories.php
    Ligne13: require_once 'widgets-posts-categories.class.php';
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : custom-menu-2.php
    Ligne13: require_once 'widgets-custom-menu.class.php';
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : custom-menu-1.php
    Ligne13: require_once 'widgets-custom-menu.class.php';
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : dynamic-stylesheets-functions.php
    Ligne128: require_once( PRESSCORE_EXTENSIONS_DIR . '/wp-less/bootstrap-for-theme.php'
    Ligne143: require_once( PRESSCORE_EXTENSIONS_DIR . '/less-functions.php' );
    Ligne151: include_once( $located_file );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : class-tgm-plugin-activation.php
    Ligne1160: require_once( ABSPATH . 'wp-admin/includes/class-wp-list-table.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : class-envato-wordpress-theme-upgrader.php
    Ligne11: include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
    Ligne13: include_once( 'class-envato-protected-api.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : mod-totalcache.php
    Ligne52: include( get_template_directory() . '/inc/extensions/mobile-detect.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : mod-supercache.php
    Ligne16: include( get_template_directory() . '/inc/extensions/mobile-detect.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes