0
Validation results

Wiz

Wiz

WordPress 4.8.2 theme
0
Critical alerts
  1. Security breaches : Use of base64_decode() Found base64_decode in file framework.php.
    Line 309: $theme_options = unserialize( base64_decode( $default_options ) );
    Found base64_decode in file layered-popups-import.php.
    Line 52: $popup_data = base64_decode( $popup_data );
    Found base64_decode in file import.php.
    Line 297: $data      = unserialize( base64_decode( $file_data ) );
    Line 318: $data      = unserialize( base64_decode( $file_data ) );
  2. Security breaches : Use of base64_encode() Found base64_encode in file tweets-widget.php.
     $toSend		 = base64_encode( $credentials );
    Found base64_encode in file social-counter-widget.php.
     $toSend		 = base64_encode( $credentials );
  3. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe width="<?php echo $width; ?>" height="<?php echo $height; ?>" src="http://www.youtube.com/embed/<?php echo $youtube_video ?> in file video-widget.php.
    Line 35: <iframe width='<?php echo $width; ?>' height='<?php echo $height; ?>' src='
    Found <iframe width="' . $width . '" height="' . $height . '" scrolling="no" frameborder="no" src="https://w.soundcloud.com/player/?url=' . $url . '&amp;auto_play=' . $autoplay . '&amp;show_artwork=true"> in file soundcloud-widget.php.
    Line 34: echo '<iframe width='' . $width . '' height='' . $height . '' scrolling='no' fram
  4. Malware : Operations on file system file_get_contents was found in the file parsers.php
    Line 62: $old_value = null;		$success = $dom->loadXML( file_get_contents( $file ) );
    fopen was found in the file theme-functions.php
    Line 72: if ( function_exists( 'ini_get' ) && ini_get( 'allow_url_fopen' ) ) {
    Line 94: $fp = @fopen( $file_path, 'w' );
    fwrite was found in the file theme-functions.php
    Line 91: // If the attempt to write to the file failed, then fallback to fwrite.
    Line 96: $written = @fwrite( $fp, $body );
    fclose was found in the file theme-functions.php
    Line 97: @fclose( $fp );
  5. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was ._one-page-navigator.zip ._layered-popups.zip ._leap-port.zip ._easy-social-share-buttons3.zip ._ultimate_vc_addons.zip ._revslider.zip ._js_composer.zip ._essential-grid.zip ._wiz_accounting.zip ._wiz_startup.zip ._wiz_corporate.zip ._wiz_cafe.zip ._cafe-font-icons.zip ._wiz_home.zip ._wiz_the_place.zip ._wiz_shop.zip ._freelancer_home.zip ._wiz_charity.zip ._charity-font-icons.zip ._wiz_bakery.zip ._wiz_restaurant.zip ._restaurant-font-icons.zip ._wiz_advertising.zip ._wiz_nutritional.zip ._w5o9oiw6v9unjy1f.zip ._myf8wvzuuhxeb8qm.zip ._photographer-wiz.zip ._wiz_clinic.zip ._clinic-icons.zip ._home.zip ._9uqnjg398ykix381.zip ._p7x9f7i6no8s8enh.zip ._hdertgz1fsjdvqel.zip ._npixwmwo9zmidrhj.zip ._firm_home.zip ._wiz_posts.zip ._wiz_destinations.zip ._wiz_travel.zip ._wiz_banner.zip ultimate_vc_addons.zip essential-grid.zip layered-popups.zip one-page-navigator.zip revslider.zip leap-port.zip easy-social-share-buttons3.zip js_composer.zip wiz_accounting.zip wiz_startup.zip wiz_corporate.zip wiz_cafe.zip cafe-font-icons.zip wiz_the_place.zip wiz_home.zip wiz_shop.zip freelancer_home.zip wiz_charity.zip charity-font-icons.zip wiz_bakery.zip wiz_restaurant.zip restaurant-font-icons.zip wiz_advertising.zip wiz_nutritional.zip myf8wvzuuhxeb8qm.zip w5o9oiw6v9unjy1f.zip photographer-wiz.zip wiz_clinic.zip clinic-icons.zip home.zip npixwmwo9zmidrhj.zip hdertgz1fsjdvqel.zip 9uqnjg398ykix381.zip p7x9f7i6no8s8enh.zip firm_home.zip wiz_banner.zip wiz_travel.zip wiz_destinations.zip wiz_posts.zip.
Warning
  1. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file archive.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file archive.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file blog.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file blog.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file single.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file single.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are wiz, leap-port, eternity, wiz, option-tree, tgmpa, woocommerce, default, theme-text-domain, option-tree-theme, envato-wordpress-toolkit, ulp, tax-meta.
  2. Plugin territory : Plugin territory functionalitiesThe theme uses the register_post_type() function, which is plugin-territory functionality.
  3. Unwanted files : hidden file(s) or folder(s).ds_store was found.
  4. Editor style : Presence of editor styleNo reference to add_editor_style() was found in the theme. It is recommended that the theme implements editor styling, so as to make the editor content match the resulting post output in the theme, for a better user experience.
  5. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. favicon presence : Favicon managementPossible Favicon found in header.php. Favicons are handled by the Site Icon setting in the customizer since version 4.3.
  2. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file theme-options.php.
    Line 653: 'desc'         => __( 'It\'s recommended to enter your own Google Font API Key to make sure Google fonts will work properly and to get google fonts library updates. To learn more about Fonts manager click <a href='http://www.leap13.com/2015/08/26/fonts-manager/' target='_blank'>here</a>',
    Line 796: 'desc'         => __( 'Smart Skin controls and changes your entire website color scheme, Select whether you want light to dark theme then select from readymade Smart Skins available and/or customize your own Smart Skin. <a href='https://youtu.be/hsVqOQoF4DM' target='_blank'>Click here</a> to Watch Smart
    Line 952: 'desc'         => __( 'It\'s recommended to read help notes below which describes what theme elements will be affected when changing each value from below before you start customizing the Smart Skin. Also you can use Smart Skin Generator to instantly generate a complete Smart Skin from 2 colors.<br><br><a href='http://www.leap13.com/website-clolor-scheme-generator-smart-skin-generator/
    Line 7509: 'desc'         => __( '<a href='http://universimmedia.pagesperso-orange.fr/geo/loc.htm' target='_blank'>Her
    Line 7524: 'desc'         => __( '<a href='http://universimmedia.pagesperso-orange.fr/geo/loc.htm' target='_blank'>Her
    Line 7509: 'desc'         => __( '<a href='http://universimmedia.pagesperso-orange.fr/geo/loc.htm' target='_blank'>Her
    Line 7524: 'desc'         => __( '<a href='http://universimmedia.pagesperso-orange.fr/geo/loc.htm' target='_blank'>Her
  3. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  4. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  5. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  6. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  7. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  8. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  9. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  10. Use of includes : Use of include or requireThe theme appears to use include or require : ot-functions-docs-page.php
    Line 751: require( trailingslashit( get_template_directory() ) . \'includes/meta-boxe
    Line 834: require( trailingslashit( get_template_directory() ) . \'option-tree/ot-loa
    Line 851: require( trailingslashit( get_template_directory() ) . \'includes/theme-opt
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : demo-functions.php
    Line 65: # require( trailingslashit( get_template_directory() ) . 'option-tree/ot-load
    Line 70: # require( trailingslashit( get_template_directory() ) . 'admin/theme-options
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : layered-popups-import.php
    Line 24: require_once(ABSPATH . 'wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : tax_to_term_meta.php
    Line 17: * 	require_once('Tax-meta-class/migration/tax_to_term_meta.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.

This is a ThemeForest theme. Since Themeforest items are all checked by a human before they appear on their website, ThemeForest verification rules are more permissive than themecheck's and can give a better verification score ( Themeforest requirements ).

76
Critical alerts
  1. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was ._one-page-navigator.zip ._layered-popups.zip ._leap-port.zip ._easy-social-share-buttons3.zip ._ultimate_vc_addons.zip ._revslider.zip ._js_composer.zip ._essential-grid.zip ._wiz_accounting.zip ._wiz_startup.zip ._wiz_corporate.zip ._wiz_cafe.zip ._cafe-font-icons.zip ._wiz_home.zip ._wiz_the_place.zip ._wiz_shop.zip ._freelancer_home.zip ._wiz_charity.zip ._charity-font-icons.zip ._wiz_bakery.zip ._wiz_restaurant.zip ._restaurant-font-icons.zip ._wiz_advertising.zip ._wiz_nutritional.zip ._w5o9oiw6v9unjy1f.zip ._myf8wvzuuhxeb8qm.zip ._photographer-wiz.zip ._wiz_clinic.zip ._clinic-icons.zip ._home.zip ._9uqnjg398ykix381.zip ._p7x9f7i6no8s8enh.zip ._hdertgz1fsjdvqel.zip ._npixwmwo9zmidrhj.zip ._firm_home.zip ._wiz_posts.zip ._wiz_destinations.zip ._wiz_travel.zip ._wiz_banner.zip ultimate_vc_addons.zip essential-grid.zip layered-popups.zip one-page-navigator.zip revslider.zip leap-port.zip easy-social-share-buttons3.zip js_composer.zip wiz_accounting.zip wiz_startup.zip wiz_corporate.zip wiz_cafe.zip cafe-font-icons.zip wiz_the_place.zip wiz_home.zip wiz_shop.zip freelancer_home.zip wiz_charity.zip charity-font-icons.zip wiz_bakery.zip wiz_restaurant.zip restaurant-font-icons.zip wiz_advertising.zip wiz_nutritional.zip myf8wvzuuhxeb8qm.zip w5o9oiw6v9unjy1f.zip photographer-wiz.zip wiz_clinic.zip clinic-icons.zip home.zip npixwmwo9zmidrhj.zip hdertgz1fsjdvqel.zip 9uqnjg398ykix381.zip p7x9f7i6no8s8enh.zip firm_home.zip wiz_banner.zip wiz_travel.zip wiz_destinations.zip wiz_posts.zip.
Warning
  1. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file archive.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file archive.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file blog.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file blog.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file single.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file single.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are wiz, leap-port, eternity, wiz, option-tree, tgmpa, woocommerce, default, theme-text-domain, option-tree-theme, envato-wordpress-toolkit, ulp, tax-meta.
  2. Plugin territory : Plugin territory functionalitiesThe theme uses the register_post_type() function, which is plugin-territory functionality.
  3. Unwanted files : hidden file(s) or folder(s).ds_store was found.
  4. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. favicon presence : Favicon managementPossible Favicon found in header.php. Favicons are handled by the Site Icon setting in the customizer since version 4.3.
  2. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file theme-options.php.
    Line 653: 'desc'         => __( 'It\'s recommended to enter your own Google Font API Key to make sure Google fonts will work properly and to get google fonts library updates. To learn more about Fonts manager click <a href='http://www.leap13.com/2015/08/26/fonts-manager/' target='_blank'>here</a>',
    Line 796: 'desc'         => __( 'Smart Skin controls and changes your entire website color scheme, Select whether you want light to dark theme then select from readymade Smart Skins available and/or customize your own Smart Skin. <a href='https://youtu.be/hsVqOQoF4DM' target='_blank'>Click here</a> to Watch Smart
    Line 952: 'desc'         => __( 'It\'s recommended to read help notes below which describes what theme elements will be affected when changing each value from below before you start customizing the Smart Skin. Also you can use Smart Skin Generator to instantly generate a complete Smart Skin from 2 colors.<br><br><a href='http://www.leap13.com/website-clolor-scheme-generator-smart-skin-generator/
    Line 7509: 'desc'         => __( '<a href='http://universimmedia.pagesperso-orange.fr/geo/loc.htm' target='_blank'>Her
    Line 7524: 'desc'         => __( '<a href='http://universimmedia.pagesperso-orange.fr/geo/loc.htm' target='_blank'>Her
    Line 7509: 'desc'         => __( '<a href='http://universimmedia.pagesperso-orange.fr/geo/loc.htm' target='_blank'>Her
    Line 7524: 'desc'         => __( '<a href='http://universimmedia.pagesperso-orange.fr/geo/loc.htm' target='_blank'>Her
  3. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  4. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  5. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  6. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  7. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  8. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  9. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  10. Use of includes : Use of include or requireThe theme appears to use include or require : ot-functions-docs-page.php
    Line 751: require( trailingslashit( get_template_directory() ) . \'includes/meta-boxe
    Line 834: require( trailingslashit( get_template_directory() ) . \'option-tree/ot-loa
    Line 851: require( trailingslashit( get_template_directory() ) . \'includes/theme-opt
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : demo-functions.php
    Line 65: # require( trailingslashit( get_template_directory() ) . 'option-tree/ot-load
    Line 70: # require( trailingslashit( get_template_directory() ) . 'admin/theme-options
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : layered-popups-import.php
    Line 24: require_once(ABSPATH . 'wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : tax_to_term_meta.php
    Line 17: * 	require_once('Tax-meta-class/migration/tax_to_term_meta.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes