0
Validation results

Wiz

Wiz

WordPress 4.8 theme
0
Critical alerts
  1. Security breaches : Use of base64_decode() Found base64_decode in file framework.php.
    Line 309: $theme_options = unserialize( base64_decode( $default_options ) );
    Found base64_decode in file layered-popups-import.php.
    Line 52: $popup_data = base64_decode( $popup_data );
    Found base64_decode in file import.php.
    Line 295: $data      = unserialize( base64_decode( $file_data ) );
    Line 316: $data      = unserialize( base64_decode( $file_data ) );
  2. Security breaches : Use of base64_encode() Found base64_encode in file tweets-widget.php.
     $toSend		 = base64_encode( $credentials );
    Found base64_encode in file social-counter-widget.php.
     $toSend		 = base64_encode( $credentials );
  3. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe width="<?php echo $width; ?>" height="<?php echo $height; ?>" src="http://www.youtube.com/embed/<?php echo $youtube_video ?> in file video-widget.php.
    Line 35: <iframe width='<?php echo $width; ?>' height='<?php echo $height; ?>' src='
    Found <iframe id="fr" width="<?php echo $width; ?>" height="<?php echo $height; ?>" src="//www.youtube.com/subscribe_widget?p=<?php echo $channel_name ?> in file youtube-widget.php.
    Line 30: <iframe id='fr'  width='<?php echo $width; ?>' height='<?php echo $height; 
    Found <iframe width="' . $width . '" height="' . $height . '" scrolling="no" frameborder="no" src="https://w.soundcloud.com/player/?url=' . $url . '&amp;auto_play=' . $autoplay . '&amp;show_artwork=true"> in file soundcloud-widget.php.
    Line 34: echo '<iframe width='' . $width . '' height='' . $height . '' scrolling='no' fram
  4. Malware : Operations on file system file_get_contents was found in the file parsers.php
    Line 66: $success = $dom->loadXML( file_get_contents( $file ) );
    Line 269: if ( ! xml_parse( $xml, file_get_contents( $file ), true ) ) {
    file_get_contents was found in the file parsers.php
    Line 66: $success = $dom->loadXML( file_get_contents( $file ) );
    Line 269: if ( ! xml_parse( $xml, file_get_contents( $file ), true ) ) {
    fopen was found in the file parsers.php
    Line 415: $fp = $this->fopen( $file, 'r' );
    Line 641: function fopen( $filename, $mode = 'r' ) {
    Line 644: return fopen( $filename, $mode );
    fclose was found in the file parsers.php
    Line 464: $this->fclose($fp);
    Line 659: function fclose( $fp ) {
    Line 662: return fclose( $fp );
    fopen was found in the file parsers.php
    Line 415: $fp = $this->fopen( $file, 'r' );
    Line 641: function fopen( $filename, $mode = 'r' ) {
    Line 644: return fopen( $filename, $mode );
    fopen was found in the file parsers.php
    Line 415: $fp = $this->fopen( $file, 'r' );
    Line 641: function fopen( $filename, $mode = 'r' ) {
    Line 644: return fopen( $filename, $mode );
    fclose was found in the file parsers.php
    Line 464: $this->fclose($fp);
    Line 659: function fclose( $fp ) {
    Line 662: return fclose( $fp );
    fclose was found in the file parsers.php
    Line 464: $this->fclose($fp);
    Line 659: function fclose( $fp ) {
    Line 662: return fclose( $fp );
    file_get_contents was found in the file import.php
    Line 507: $grids = file_get_contents( $ess_grid );
  5. Admin menu : Themes should use add_theme_page() for adding admin pages. File class-tgm-plugin-activation.php :
    Line 641: $this->page_hook = call_user_func( 'add_submenu_page', $args['parent_slug'], $args['page_title'], $args['menu_t
    File ot-cleanup-api.php :
    Line 82: $theme_check_bs = 'add_menu_page';
    File ot-settings-api.php :
    Line 99: $theme_check_bs   = 'add_menu_page';
    File ot-settings-api.php :
    Line 100: $theme_check_bs2  = 'add_submenu_page';
  6. Deprecated functions : wp_get_http wp_get_http found in file wordpress-importer.php. Deprecated since version 4.4. Use WP_Http instead.
    Line 905: $headers = wp_get_http( $url, $upload['file'] );
  7. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was ultimate_vc_addons.zip essential-grid.zip layered-popups.zip one-page-navigator.zip layerslider.zip revslider.zip leap-port.zip easy-social-share-buttons3.zip js_composer.zip eventon.zip wiz_accounting.zip wiz_startup.zip wiz_corporate.zip wiz_cafe.zip cafe-font-icons.zip wiz_the_place.zip wiz_home.zip wiz_shop.zip freelancer_home.zip wiz_charity.zip charity-font-icons.zip wiz_bakery.zip wiz_restaurant.zip restaurant-font-icons.zip wiz_advertising.zip wiz_nutritional.zip myf8wvzuuhxeb8qm.zip w5o9oiw6v9unjy1f.zip photographer-wiz.zip wiz_clinic.zip clinic-icons.zip npixwmwo9zmidrhj.zip hdertgz1fsjdvqel.zip 9uqnjg398ykix381.zip p7x9f7i6no8s8enh.zip firm_home.zip.
Warning
  1. theme tags : Presence of bad theme tagsThe tag responsive-layout has been deprecated, it must be removed from style.css header.
  2. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file archive.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file archive.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file blog.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file blog.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file single.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file single.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Remove Image' in file tax-meta-class.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Upload Image' in file tax-meta-class.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Ex. <b>chevron-right</b> <a target="_blank" href="http://fortawesome.github.io/Font-Awesome/icons/">Icon List</a>' in file addons.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Ex. <b>fa fa-chevron-right</b> <a target="_blank" href="http://fortawesome.github.io/Font-Awesome/icons/">Icon List</a>' in file addons.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are wiz, leap-port, woocommerce, wiz, option-tree, tgmpa, default, theme-text-domain, option-tree-theme, envato-wordpress-toolkit, wordpress-importer, ulp, tax-meta.
  3. Plugin territory : Plugin territory functionalitiesThe theme uses the register_post_type() function, which is plugin-territory functionality.
  4. Editor style : Presence of editor styleNo reference to add_editor_style() was found in the theme. It is recommended that the theme implements editor styling, so as to make the editor content match the resulting post output in the theme, for a better user experience.
  5. Screenshot : Screenshot fileScreenshot size is 880x660px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. favicon presence : Favicon managementPossible Favicon found in header.php. Favicons are handled by the Site Icon setting in the customizer since version 4.3.
  2. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file theme-options.php.
    Line 648: 'desc'         => __( 'It\'s recommended to enter your own Google Font API Key to make sure Google fonts will work properly and to get google fonts library updates. To learn more about Fonts manager click <a href='http://www.leap13.com/2015/08/26/fonts-manager/' target='_blank'>here</a>',
    Line 791: 'desc'         => __( 'Smart Skin controls and changes your entire website color scheme, Select whether you want light to dark theme then select from readymade Smart Skins available and/or customize your own Smart Skin. <a href='https://youtu.be/hsVqOQoF4DM' target='_blank'>Click here</a> to Watch Smart
    Line 947: 'desc'         => __( 'It\'s recommended to read help notes below which describes what theme elements will be affected when changing each value from below before you start customizing the Smart Skin. Also you can use Smart Skin Generator to instantly generate a complete Smart Skin from 2 colors.<br><br><a href='http://www.leap13.com/website-clolor-scheme-generator-smart-skin-generator/
    Line 7489: 'desc'         => __( '<a href='http://universimmedia.pagesperso-orange.fr/geo/loc.htm' target='_blank'>Her
    Line 7504: 'desc'         => __( '<a href='http://universimmedia.pagesperso-orange.fr/geo/loc.htm' target='_blank'>Her
    Line 7489: 'desc'         => __( '<a href='http://universimmedia.pagesperso-orange.fr/geo/loc.htm' target='_blank'>Her
    Line 7504: 'desc'         => __( '<a href='http://universimmedia.pagesperso-orange.fr/geo/loc.htm' target='_blank'>Her
  3. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  4. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  5. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  6. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  7. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  8. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  9. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  10. Use of includes : Use of include or requireThe theme appears to use include or require : framework.php
    Line 304: require_once(ABSPATH . 'wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : ot-functions-docs-page.php
    Line 751: require( trailingslashit( get_template_directory() ) . \'includes/meta-boxe
    Line 834: require( trailingslashit( get_template_directory() ) . \'option-tree/ot-loa
    Line 851: require( trailingslashit( get_template_directory() ) . \'includes/theme-opt
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : ot-loader.php
    Line 550: include_once( $file );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : demo-functions.php
    Line 65: # require( trailingslashit( get_template_directory() ) . 'option-tree/ot-load
    Line 70: # require( trailingslashit( get_template_directory() ) . 'admin/theme-options
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : layered-popups-import.php
    Line 24: require_once(ABSPATH . 'wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : import.php
    Line 18: require_once(ABSPATH . 'wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : tax_to_term_meta.php
    Line 17: * 	require_once('Tax-meta-class/migration/tax_to_term_meta.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.

This is a ThemeForest theme. Since Themeforest items are all checked by a human before they appear on their website, ThemeForest verification rules are more permissive than themecheck's and can give a better verification score ( Themeforest requirements ).

56
Critical alerts
  1. Deprecated functions : wp_get_http wp_get_http found in file wordpress-importer.php. Deprecated since version 4.4. Use WP_Http instead.
    Line 905: $headers = wp_get_http( $url, $upload['file'] );
  2. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was ultimate_vc_addons.zip essential-grid.zip layered-popups.zip one-page-navigator.zip layerslider.zip revslider.zip leap-port.zip easy-social-share-buttons3.zip js_composer.zip eventon.zip wiz_accounting.zip wiz_startup.zip wiz_corporate.zip wiz_cafe.zip cafe-font-icons.zip wiz_the_place.zip wiz_home.zip wiz_shop.zip freelancer_home.zip wiz_charity.zip charity-font-icons.zip wiz_bakery.zip wiz_restaurant.zip restaurant-font-icons.zip wiz_advertising.zip wiz_nutritional.zip myf8wvzuuhxeb8qm.zip w5o9oiw6v9unjy1f.zip photographer-wiz.zip wiz_clinic.zip clinic-icons.zip npixwmwo9zmidrhj.zip hdertgz1fsjdvqel.zip 9uqnjg398ykix381.zip p7x9f7i6no8s8enh.zip firm_home.zip.
Warning
  1. theme tags : Presence of bad theme tagsThe tag responsive-layout has been deprecated, it must be removed from style.css header.
  2. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file archive.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file archive.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file blog.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file blog.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file single.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file single.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Remove Image' in file tax-meta-class.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Upload Image' in file tax-meta-class.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Ex. <b>chevron-right</b> <a target="_blank" href="http://fortawesome.github.io/Font-Awesome/icons/">Icon List</a>' in file addons.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Ex. <b>fa fa-chevron-right</b> <a target="_blank" href="http://fortawesome.github.io/Font-Awesome/icons/">Icon List</a>' in file addons.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are wiz, leap-port, woocommerce, wiz, option-tree, tgmpa, default, theme-text-domain, option-tree-theme, envato-wordpress-toolkit, wordpress-importer, ulp, tax-meta.
  3. Plugin territory : Plugin territory functionalitiesThe theme uses the register_post_type() function, which is plugin-territory functionality.
  4. Screenshot : Screenshot fileScreenshot size is 880x660px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. favicon presence : Favicon managementPossible Favicon found in header.php. Favicons are handled by the Site Icon setting in the customizer since version 4.3.
  2. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file theme-options.php.
    Line 648: 'desc'         => __( 'It\'s recommended to enter your own Google Font API Key to make sure Google fonts will work properly and to get google fonts library updates. To learn more about Fonts manager click <a href='http://www.leap13.com/2015/08/26/fonts-manager/' target='_blank'>here</a>',
    Line 791: 'desc'         => __( 'Smart Skin controls and changes your entire website color scheme, Select whether you want light to dark theme then select from readymade Smart Skins available and/or customize your own Smart Skin. <a href='https://youtu.be/hsVqOQoF4DM' target='_blank'>Click here</a> to Watch Smart
    Line 947: 'desc'         => __( 'It\'s recommended to read help notes below which describes what theme elements will be affected when changing each value from below before you start customizing the Smart Skin. Also you can use Smart Skin Generator to instantly generate a complete Smart Skin from 2 colors.<br><br><a href='http://www.leap13.com/website-clolor-scheme-generator-smart-skin-generator/
    Line 7489: 'desc'         => __( '<a href='http://universimmedia.pagesperso-orange.fr/geo/loc.htm' target='_blank'>Her
    Line 7504: 'desc'         => __( '<a href='http://universimmedia.pagesperso-orange.fr/geo/loc.htm' target='_blank'>Her
    Line 7489: 'desc'         => __( '<a href='http://universimmedia.pagesperso-orange.fr/geo/loc.htm' target='_blank'>Her
    Line 7504: 'desc'         => __( '<a href='http://universimmedia.pagesperso-orange.fr/geo/loc.htm' target='_blank'>Her
  3. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  4. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  5. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  6. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  7. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  8. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  9. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  10. Use of includes : Use of include or requireThe theme appears to use include or require : framework.php
    Line 304: require_once(ABSPATH . 'wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : ot-functions-docs-page.php
    Line 751: require( trailingslashit( get_template_directory() ) . \'includes/meta-boxe
    Line 834: require( trailingslashit( get_template_directory() ) . \'option-tree/ot-loa
    Line 851: require( trailingslashit( get_template_directory() ) . \'includes/theme-opt
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : ot-loader.php
    Line 550: include_once( $file );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : demo-functions.php
    Line 65: # require( trailingslashit( get_template_directory() ) . 'option-tree/ot-load
    Line 70: # require( trailingslashit( get_template_directory() ) . 'admin/theme-options
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : layered-popups-import.php
    Line 24: require_once(ABSPATH . 'wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : import.php
    Line 18: require_once(ABSPATH . 'wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : tax_to_term_meta.php
    Line 17: * 	require_once('Tax-meta-class/migration/tax_to_term_meta.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes