0
Validation results

BuddyBoss Theme

BuddyBoss Theme

WordPress 5.4 theme
0
  • THEME TYPEWordPress theme 5.4
  • FILE NAMEbuddyboss-theme.zip
  • FILE SIZE7562306 bytes
  • MD5d14e5e4b9b61ecf72c2f8a5296898d77
  • SHA105457a6bf3e2361315147428c7b4101c32bef3cb
  • LICENSENone
  • FILES INCLUDEDCSS, PHP, HTML, XML, Bitmap images, Adobe Illustrator
  • THEME URIhttps://www.buddyboss.com/
  • VERSION1.3.4
  • AUTHOR URI
  • CREATION DATE2020-02-21
  • LAST FILE UPDATE2020-03-25
  • LAST VALIDATION2020-03-25 08:52
This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Customizer : Sanitization of Customizer settings Found a Customizer setting that did not have a sanitization callback function in file extension_customizer.php. Every call to the add_setting() method needs to have a sanitization callback function passed.
  2. Title : Title The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.
  3. Security breaches : Use of base64_encode() Found base64_encode in file updater.php.
     $headers           = array( 'Authorization' => 'Basic ' . base64_encode( '{$this->_http_username}:{$this->_http_password}' ) );
  4. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe src="https://player.vimeo.com/video/338221385?byline=0&portrait=0&autoplay=1" width="560" height="315" frameborder="0" allow="accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen> in file admin-hello-theme-popup.php. 20: <iframe src='https://player.vimeo.com/video/338221385?byline=0&portrait=0&aFound <iframe width="560" height="315" src="https://www.youtube.com/embed/ScMzIvxBSi4" frameborder="0" allowfullscreen> in file intro.php.
  5. Malware : Operations on file system file_get_contents was found in the file fontpack.php 221: $config = json_decode( file_get_contents( $config_file ), true );fopen was found in the file class.redux_helpers.php 671: //$fp = fopen( $file, 'r' );fread was found in the file class.redux_helpers.php 674: //$file_data = fread( $fp, 8192 );fclose was found in the file class.redux_helpers.php 677: //fclose( $fp );
  6. Admin menu : Themes should use add_theme_page() for adding admin pages. File class-buddyboss-custom-fonts-admin.php : 73: add_submenu_page(File theme-activation.php : 621: $this->page_hook = call_user_func( 'add_submenu_page', $args['parent_slug'], $args['page_title'], $args['menu_tFile buddyboss-updater.php : 50: add_menu_page( 'BuddyBoss', 'BuddyBoss', 'manage_options', 'buddyboss-settiFile buddyboss-updater.php : 53: add_submenu_page( 'buddyboss-settings', 'BuddyBoss', 'BuddyBoss', 'manage_oFile admin.php : 247: $this->page_hook_suffix = add_submenu_page(File admin-init.php : 23: add_menu_page( 'BuddyBoss', 'BuddyBoss', 'manage_options', 'buddyboss-settiFile admin-init.php : 26: add_submenu_page( 'buddyboss-settings', 'BuddyBoss', 'BuddyBoss', 'manage_oFile options-init.php : 1982: 'page_parent' => function_exists('buddypress') && isset(buddypress()->boddyboss)? 'buddyboss-platform' : 'buddyboss-settings', // For a full list of options, visit: http://codex.wordpress.org/Function_Reference/add_submenu_page#ParametersFile welcome.php : 199: $page = 'add_management_page';File framework.php : 1355: // wrappers and need to be appened to using add_submenu_page.1406: $this->page = call_user_func( 'add_submenu_page', $page_parent, $page_title, $menu_title, $page_permission1457: call_user_func( 'add_submenu_page', $this->args['page_slug'], $section['title'], $section['tFile framework.php : 1355: // wrappers and need to be appened to using add_submenu_page.1406: $this->page = call_user_func( 'add_submenu_page', $page_parent, $page_title, $menu_title, $page_permission1457: call_user_func( 'add_submenu_page', $this->args['page_slug'], $section['title'], $section['tFile framework.php : 1432: $this->page = call_user_func( 'add_menu_page', $this->args['page_title'], $this->args['menu_title'], $thisFile framework.php : 1355: // wrappers and need to be appened to using add_submenu_page.1406: $this->page = call_user_func( 'add_submenu_page', $page_parent, $page_title, $menu_title, $page_permission1457: call_user_func( 'add_submenu_page', $this->args['page_slug'], $section['title'], $section['tFile barebones-config.php : 67: // For a full list of options, visit: http://codex.wordpress.org/Function_Reference/add_submenu_page#ParametersFile sample-config.php : 109: // For a full list of options, visit: http://codex.wordpress.org/Function_Reference/add_submenu_page#Parameters
  7. Hidden admin bar : Hidden admin Bar Themes should not hide admin bar. Detected in file : template-functions.php.
  8. Deprecated functions : get_bloginfo get_bloginfo( 'url' ) was found in the file login.php. Use home_url() instead.314: $home_url = get_bloginfo( 'url' );
Warning
  1. core scripts deregistered : Core scripts deregistrationFound wp_deregister_script in enqueue.php. Themes must not deregister core scripts. 215: wp_deregister_script( 'jquerySelect2' );Found wp_deregister_script in framework.php. Themes must not deregister core scripts. 579: wp_deregister_script( 'wpb_ace' );
  2. special URIs : Presence of bad theme tagsTheme URI and Author URI should not be the same.
  3. theme tags : Presence of bad theme tagsFound wrong tag in style.css header.
  4. Text domain : Incorrect use of translation functions.Found a translation function that has an incorrect number of arguments. Function _n, with the arguments '%s download remaining', '%s downloads remaining', downloads_remaining, 'buddyboss-theme' in file my-downloads.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'buddyboss-theme' in file form.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'buddyboss-theme' in file multi-post-thumbnails.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are buddyboss-theme, downloads_remaining, redux-framework, themecheck, redux-framework-demo.
  5. Plugin territory : Plugin territory functionalitiesThe theme uses the register_post_type() function, which is plugin-territory functionality.The theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  6. Unwanted files : hidden file(s) or folder(s).ds_store was found.
  7. PHP short tags : Presence of PHP short tagsPHP short tags were found in file parsedown.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.772: if (preg_match('/^\[(.+?)\]:[ ]*<?(\S+?)>?(?:[ ]+['\'(](.+)['\')])?[ ]*$/', $Line['text'], $matches))
  8. Hidden admin bar : Hidden admin Bar in CSSThemes should not hide admin bar. Detected in file theme.css.
  9. Comment pagination : Declaration of comment paginationThe theme doesn't have comment pagination code in it. Use paginate_comments_links() to add comment pagination, or older previous_comments_link() and next_comments_link() functions.
  10. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  11. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  12. I18N implementation : Proper use of ___all(Possible variable $mepr_options found in translation function in form.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in multi-post-thumbnails.php. Translation function calls should not contain PHP variables.
  13. CSS files : Presence of license urlLicense URI: is missing from style.css header.
  14. CSS files : Presence of text domainText Domain: is missing from your style.css header.
  15. CSS files : Presence of .bypostauthor class.bypostauthor css class is needed in theme css.
  16. Date and time implementation : Use of date_i18n()At least one hard coded date was found in the file shortcodes.php. Function get_option( 'date_format' ) should be used instead.
  17. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file class-buddyboss-custom-fonts-cpt.php.201: <?php echo sprintf( __( 'Try %s for downloading free web fonts.', 'buddyboss-theme' ), '<a href='https://www.fontsquirrel.com/fonts/list/find_fonts?filter%5Blicense%5D%5B0%Possible hard-coded links were found in the file admin.php.25: <?php printf( __( 'Log into %s', 'buddyboss-theme' ), '<a href='https://www.buddyboss.com/wp-admin'>BuddyBoss.com</a>' ); ?>28: <?php printf( __( 'Go to your %s', 'buddyboss-theme' ), '<a href='https://www.buddyboss.com/my-account/'>Account</a>' ); ?>Possible hard-coded links were found in the file package.php.50: <?php _e( 'You can find the license key for your product by going to the <a href='https://buddyboss.com/my-account/?part=mysubscriptions' target='_blank' relPossible hard-coded links were found in the file options-init.php.192: 'subtitle' => __( 'Position header to the top of the scrollview during scrolling. Header is always sticky in <a href='https://learndash.idevaffiliate.com/111.html'>LearnDash</a> lessons and topPossible hard-coded links were found in the file welcome.php.480: <a href='http://docs.reduxframework.com/' class='docs button button-primary'>Docs</a483: <a href='https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=MMFMHW
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  5. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  6. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  7. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  8. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  9. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  10. Use of includes : Use of include or requireThe theme appears to use include or require : init.php 204: require_once( $this->_inc_dir . '/admin/admin-init.php' );207: require_once( $this->_inc_dir . '/compatibility/incompatible-themes-helper.210: require_once( $this->_inc_dir . '/admin/options/setting-options.php' );215: require_once( $this->_inc_dir . '/theme/functions.php' );216: require_once( $this->_inc_dir . '/theme/template-functions.php' );217: require_once( $this->_inc_dir . '/theme/shortcodes.php' );218: require_once( $this->_inc_dir . '/theme/bookmarks.php' );219: require_once( $this->_inc_dir . '/theme/sidebars.php' );220: require_once( $this->_inc_dir . '/theme/widgets.php' );221: require_once( $this->_inc_dir . '/theme/login.php' );222: require_once( $this->_inc_dir . '/theme/admin-bar.php' );223: require_once( $this->_inc_dir . '/theme/multi-post-thumbnails.php' );226: require_once( $this->_inc_dir . '/plugins/buddypress-helper.php' );230: require_once( $this->_inc_dir . '/plugins/bbpress-helper.php' );236: require_once( $this->_inc_dir . '/plugins/learndash-helper.php' );237: require_once( $this->_inc_dir . '/plugins/learndash-compat.php' );243: require_once($this->_inc_dir . '/plugins/elementor-helper.php');247: require_once($this->_inc_dir . '/plugins/elementor-helper-pro.php');255: require_once($this->_inc_dir . '/plugins/beaver-themer-helper.php');261: require_once( $this->_inc_dir . '/plugins/related-posts-helper.php' );265: require_once( $this->_inc_dir . '/others/utility.php' );266: require_once( $this->_inc_dir . '/others/debug.php' );269: require_once( $this->_inc_dir . '/others/buddyboss-theme-updater.php' );273: require_once( $this->_inc_dir . '/maintenance-mode/maintenance-mode.php' );277: require_once( $this->_inc_dir . '/plugins/woocommerce-helper.php' );282: require_once( $this->_inc_dir . '/tribe-events/events-functions.php' );284: require_once( $this->_inc_dir . '/plugins/buddyboss-menu-icons/menu-icons.p287: require_once( $this->_inc_dir . '/custom-fonts/custom-fonts.php' );308: require_once( $this->_inc_dir . '/lib/buddyboss-updater/buddyboss-updater.p If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : custom-fonts.php 10: require_once( get_template_directory() . '/inc/custom-fonts/classes/class-b If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : buddyboss-updater.php 30: require( BUDDYBOSS_UPDATER_DIR . 'includes/main-class.php' );31: require( BUDDYBOSS_UPDATER_DIR . 'includes/functions.php' );32: require( BUDDYBOSS_UPDATER_DIR . 'includes/vendor/license.php' );33: require( BUDDYBOSS_UPDATER_DIR . 'includes/vendor/updater.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : admin.php 261: include_once( 'views/admin.php' );319: include_once( 'views/package.php' );863: require_once( BUDDYBOSS_UPDATER_DIR . '/includes/vendor/license.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : main-class.php 108: require_once( BUDDYBOSS_UPDATER_DIR . 'includes/' . $include . '.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : buddypress-helper.php 115: require_once( ABSPATH . WPINC . '/class-wp-admin-bar.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : class-themeisle-sdk-rollback.php 166: require_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );206: require_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : class-themeisle-sdk-endpoints.php 154: require_once( ABSPATH . 'wp-admin/includes/file.php' );216: require_once( ABSPATH . 'wp-admin/includes/file.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : fontpack.php 181: If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : icon-picker.php 221: 243: 266: 280: 300: 318: If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : admin-init.php 116: require_once( dirname( __FILE__ ) . '/buddyboss-extensions/extensions-init.123: require_once( dirname( __FILE__ ) . '/framework/ReduxCore/framework.php' );133: require_once( dirname( __FILE__ ) . '/options-init.php' );136: require_once( dirname( __FILE__ ) . '/plugin-support.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : extensions-init.php 9: require_once(dirname( __FILE__ ) . '/loader.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : loader.php 25: require_once( $class_file ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : welcome.php 376: require_once 'views/about.php';391: require_once 'views/changelog.php';406: require_once 'views/extensions.php';422: require_once 'views/support.php';437: require_once 'views/credits.php';452: require_once 'views/status_report.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : extension_customizer.php 753: require_once( $class_file ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : class.redux_api.php 539: include_once( $api_check ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : framework.php 424: // require_once 'core/dashboard.php';428: // require_once 'core/newsflash.php';1700: require_once 'core/enqueue.php';2849: require_once 'core/enqueue.php';2907: require_once 'core/panel.php';3259: require_once 'core/panel.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : setting-options.php 3: require_once( dirname( __FILE__ ) . '/get-option.php' );4: require_once( dirname( __FILE__ ) . '/custom-codes.php' );5: require_once( dirname( __FILE__ ) . '/custom-css.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes