0
Validation results

Eduma

Eduma

WordPress 6.7 theme
0
This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Title : Title The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.
  2. Security breaches : Use of base64_encode() Found base64_encode in file slider.php.
     $toSend      = base64_encode( $credentials );
    Found base64_encode in file base.php.
     $toSend      = base64_encode( $credentials );
  3. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe frameborder="0" scrolling="no" marginheight="0" marginwidth="0" src="https://maps.google.com/maps?q=%1$s&amp;t=m&amp;z=%2$d&amp;output=embed&amp;iwloc=near" title="%3$s" aria-label="%3$s"> in file base.php. 31: '<div class='thim-map-iframe'' . $style_height . '><iframe frameborder='0' scrolling='no' marginheight='0' marginwidth='0' srcFound <iframe id="thim-video" width="'.$width.'" height="'.$height.'" src="https://www.youtube.com/embed/' . esc_attr( $instance['youtube_id'] ) . '" allowfullscreen style="border: 0;"> in file base.php. 18: echo '<div class='video'><iframe id='thim-video' width=''.$width.'' height=''.$height.'' src='https:Found <iframe id="thim-video" width="' . $width . '" height="' . $height . '" src="https://www.youtube.com/embed/' . esc_attr( $instance['youtube_id'] ) . '" allowfullscreen style="border: 0;"> in file popup.php. 36: echo '<div class='video'><iframe id='thim-video' width='' . $width . '' height='' . $height . '' srcFound <iframe height="500" src="' . esc_attr( $instance['external_video'] ) . '" allowfullscreen="" style="border: 0px;"> in file default.php. 36: echo '<iframe height='500' src='' . esc_attr( $instance['external_video'] ) . '' Found <iframe id="thim-video" width="' . $width . '" height="' . $height . '" src="https://www.youtube.com/embed/' . esc_attr( $instance['youtube_id'] ) . '" allowfullscreen style="border: 0;"> in file image-popup.php. 31: echo '<div class='video'><iframe id='thim-video' width='' . $width . '' height='' . $height . '' srcFound <iframe width="100%" height="250" src="https://www.youtube.com/embed/' . get_post_meta( get_the_ID(), 'project_video_embed', true ) . '" frameborder="0" allowfullscreen> in file base.php. 387: echo '<iframe width='100%' height='250' src='https://www.youtube.com/embed/' . geFound <iframe src="http://player.vimeo.com/video/' . substr( $att, 2 ) . '?title=0&amp;byline=0&amp;portrait=0&amp;color=ffffff" width="auto" height="500px" frameborder="0"> in file right-floating-sidebar.php. 16: echo '<iframe src='http://player.vimeo.com/video/' . substr( $att, 2 ) . '?title=Found <iframe src="http://player.vimeo.com/video/' . substr( $att, 2 ) . '?title=0&amp;byline=0&amp;portrait=0&amp;color=ffffff" width="auto" height="500px" frameborder="0"> in file left-floating-sidebar.php. 55: echo '<iframe src='http://player.vimeo.com/video/' . substr( $att, 2 ) . '?title=Found <iframe src="http://player.vimeo.com/video/' . substr( $att, 2 ) . '?title=0&amp;byline=0&amp;portrait=0&amp;color=ffffff" width="auto" height="500px" frameborder="0"> in file sidebar-slider.php. 13: echo '<li><iframe src='http://player.vimeo.com/video/' . substr( $att, 2 ) . '?title=Found <iframe title="YouTube video player" class="youtube-video" allowfullscreen type="text/html" width="100%" height="500" src="http://www.youtube.com/embed/' . get_post_meta( get_the_ID(), 'project_video_embed', true ) . '" frameborder="0"> in file video.php. 12: echo '<iframe title='YouTube video player' class='youtube-video' allowfullscreen
  4. Malware : Network operations curl_init was found in the file register-functions.php 455: $curl = curl_init();curl_exec was found in the file register-functions.php 469: curl_exec( $curl );
  5. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was thim-core.zip.
Warning
  1. core scripts deregistered : Core scripts deregistrationFound wp_deregister_script in functions.php. Themes must not deregister core scripts. 450: wp_deregister_script( 'block-ui' );
  2. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file basic-information.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments 'rated' in file course-rate.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments 'rated' in file course-rate.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'eduma' in file base.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'eduma' in file base.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'eduma' in file base.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'eduma' in file base.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Site Name: %s' in file custom-functions.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Remove Image' in file Tax-meta-class.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Upload Image' in file Tax-meta-class.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file learnpress-v3-functions.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file learnpress-v3-functions.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file learnpress-v3-functions.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file learnpress-v3-functions.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file learnpress-v3-functions.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file learnpress-v3-functions.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file learnpress-v3-functions.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file learnpress-v3-functions.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file learnpress-v3-functions.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file learnpress-v3-functions.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file learnpress-v3-functions.php.Found a translation function that is missing a text-domain. Function esc_html__, with the arguments 'Select' in file multiple-images.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are eduma, learnpress, learnpress-buddypress, learnpress-co-instructor, learnpress-certificates, mag-wp, thim-core, bbpress, pmpro, plugin-domain, elementor, course-builder.
  3. Plugin territory : Plugin territory functionalitiesThe theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  4. PHP short tags : Presence of PHP short tagsPHP short tags were found in file content-archive-course.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.131: }else{echo $set_layout; } ?>' data-cookie='grid-layout' data-attr = '<?= $set_layout;?>'>
  5. Hidden admin bar : Hidden admin Bar in CSSThemes should not hide admin bar. Detected in file style.css.
  6. I18N implementation : Proper use of _e(Possible variable $user found in translation function in basic-information.php. Translation function calls should not contain PHP variables. Possible variable $item found in translation function in course-rate.php. Translation function calls should not contain PHP variables. Possible variable $item found in translation function in course-rate.php. Translation function calls should not contain PHP variables. Possible variable $input_id found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables. Possible variable $term found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables. Possible variable $input_id found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables. Possible variable $term found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables. Possible variable $input_child_id found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables. Possible variable $child_id found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables. Possible variable $input_child_id found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables. Possible variable $term_child found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables. Possible variable $instructor_id found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables. Possible variable $instructor_id found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables. Possible variable $instructor_id found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables.
  7. I18N implementation : Proper use of ___all(Possible variable $_GET found in translation function in base.php. Translation function calls should not contain PHP variables. Possible variable $_GET found in translation function in base.php. Translation function calls should not contain PHP variables. Possible variable $_GET found in translation function in base.php. Translation function calls should not contain PHP variables. Possible variable $_GET found in translation function in base.php. Translation function calls should not contain PHP variables.
  8. I18N implementation : Proper use of esc_attr_e(Possible variable $input_id found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables. Possible variable $term found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables. Possible variable $input_id found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables. Possible variable $input_child_id found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables. Possible variable $child_id found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables. Possible variable $input_child_id found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables. Possible variable $instructor_id found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables. Possible variable $instructor_id found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables. Possible variable $instructor_id found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables.
  9. I18N implementation : Proper use of esc_html_e(Possible variable $user found in translation function in basic-information.php. Translation function calls should not contain PHP variables. Possible variable $item found in translation function in course-rate.php. Translation function calls should not contain PHP variables. Possible variable $item found in translation function in course-rate.php. Translation function calls should not contain PHP variables. Possible variable $term found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables. Possible variable $term_child found in translation function in learnpress-v3-functions.php. Translation function calls should not contain PHP variables.
  10. Date and time implementation : Use of date_i18n()At least one hard coded date was found in the file checkout.php. Function get_option( 'date_format' ) should be used instead.At least one hard coded date was found in the file checkout.php. Function get_option( 'date_format' ) should be used instead.
  11. Screenshot : Screenshot fileScreenshot size is 880x660px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. theme tags : Presence of bad theme tagsThemes that use the tag accessibility-ready will need to undergo an accessibility review.
    See https://make.wordpress.org/themes/handbook/review/accessibility/
  2. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file installer.php.780: echo '<mark class='error'><span class='dashicons dashicons-warning'></span> ' . sprintf( __( '%1$s - We recommend a minimum PHP version of 5.6. See: %2$s', 'eduma' ), esc_html( $args['php_version'] ), '<a href='https://goo.gl/WRBYv3' target='_blank'>' . __( 'How to update your PHP vers
  3. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  4. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  5. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  6. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  7. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  8. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  9. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  10. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  11. Use of includes : Use of include or requireThe theme appears to use include or require : woocommerce.php 124: include_once( get_stylesheet_directory() . '/woocommerce/widgets/class-wc-w126: include_once('widgets/class-wc-widget-cart.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : result.php 33: If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : widgets.php 4: include_once( THIM_DIR . '/inc/widgets/button/button.php' );5: include_once( THIM_DIR . '/inc/widgets/google-map/google-map.php' );6: include_once( THIM_DIR . '/inc/widgets/heading/heading.php' );7: include_once( THIM_DIR . '/inc/widgets/icon-box/icon-box.php' );8: include_once( THIM_DIR . '/inc/widgets/image-box/image-box.php' );9: include_once( THIM_DIR . '/inc/widgets/single-images/single-images.php' );10: include_once( THIM_DIR . '/inc/widgets/social/social.php' );11: include_once( THIM_DIR . '/inc/widgets/gallery-images/gallery-images.php' )12: include_once( THIM_DIR . '/inc/widgets/empty-space/empty-space.php' );13: include_once( THIM_DIR . '/inc/widgets/tab/tab.php' );14: include_once( THIM_DIR . '/inc/widgets/twitter/twitter.php' );15: include_once( THIM_DIR . '/inc/widgets/our-team/our-team.php' );16: include_once( THIM_DIR . '/inc/widgets/testimonials/testimonials.php' );17: include_once( THIM_DIR . '/inc/widgets/counters-box/counters-box.php' );18: include_once( THIM_DIR . '/inc/widgets/countdown-box/countdown-box.php' );19: include_once( THIM_DIR . '/inc/widgets/carousel-post/carousel-post.php' );20: include_once( THIM_DIR . '/inc/widgets/accordion/accordion.php' );21: include_once( THIM_DIR . '/inc/widgets/list-post/list-post.php' );22: include_once( THIM_DIR . '/inc/widgets/video/video.php' );23: include_once( THIM_DIR . '/inc/widgets/gallery-posts/gallery-posts.php' );24: include_once( THIM_DIR . '/inc/widgets/landing-image/landing-image.php' );25: include_once( THIM_DIR . '/inc/widgets/login-popup/login-popup.php' );26: include_once( THIM_DIR . '/inc/widgets/timetable/timetable.php' );27: include_once( THIM_DIR . '/inc/widgets/link/link.php' );28: include_once( THIM_DIR . '/inc/widgets/carousel-categories/carousel-categor29: include_once( THIM_DIR . '/inc/widgets/multiple-images/multiple-images.php'32: include_once( THIM_DIR . '/inc/widgets/courses-searching/courses-searching.33: include_once( THIM_DIR . '/inc/widgets/course-categories/course-categories.34: include_once( THIM_DIR . '/inc/widgets/courses/courses.php' );35: include_once( THIM_DIR . '/inc/widgets/list-instructors/list-instructors.ph38: include_once( THIM_DIR . '/inc/widgets/one-course-instructors/one-course-in41: include_once( THIM_DIR . '/inc/widgets/courses-collection/courses-collectio46: include_once( THIM_DIR . '/inc/widgets/list-event/list-event.php' );47: include_once( THIM_DIR . '/inc/widgets/tab-event/tab-event.php' );50: include_once( THIM_DIR . '/inc/widgets/portfolio/portfolio.php' );53: include_once( THIM_DIR . '/inc/widgets/login-form/login-form.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : installer.php 114: require_once( ABSPATH . '/wp-admin/includes/file.php' );168: require_once 'class-thim-plugin.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : class-thim-plugin.php 3: include_once( ABSPATH . 'wp-admin/includes/plugin.php' );591: include_once( ABSPATH . 'wp-admin/includes/plugin-install.php' );616: include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );617: include_once( ABSPATH . 'wp-admin/includes/plugin-install.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : custom-functions.php 896: include_once( ABSPATH . 'wp-admin/includes/plugin.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : tax_to_term_meta.php 17: * require_once('Tax-meta-class/migration/tax_to_term_meta.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : vc-shortcodes.php 15: require_once( THIM_DIR . 'vc-shortcodes/vc-map.php' );18: require_once( THIM_DIR . 'vc-shortcodes/vc-functions.php' );21: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/accordion/accordion.php'22: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/carousel-posts/carousel-23: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/countdown-box/countdown-24: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/counters-box/counters-bo25: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/gallery-images/gallery-i26: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/gallery-posts/gallery-po27: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/google-map/google-map.ph28: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/heading/heading.php' );29: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/login-form/login-form.ph30: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/timetable/timetable.php'31: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/tab/tab.php' );32: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/video/video.php' );33: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/icon-box/icon-box.php' )34: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/image-box/image-box.php'35: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/single-images/single-ima36: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/social/social.php' );37: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/button/button.php' );38: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/list-post/list-post.php'39: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/carousel-categories/caro40: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/link/link.php' );41: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/multiple-images/multiple43: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/courses/courses.php' );44: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/course-categories/course45: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/courses-searching/course46: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/list-instructors/list-in49: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/courses-collection/cours52: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/one-course-instructors/o56: // require_once( THIM_DIR . 'vc-shortcodes/shortcodes/tab-event/tab-event.php'57: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/list-events/list-events.60: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/testimonials/testimonial63: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/our-team/our-team.php' )66: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/portfolio/portfolio.php'69: require_once( THIM_DIR . 'vc-shortcodes/shortcodes/twitter/twitter.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : vc-map.php 15: include_once( THIM_DIR_SHORTCODES_MAP . 'accordion.php' );16: include_once( THIM_DIR_SHORTCODES_MAP . 'carousel-posts.php' );17: include_once( THIM_DIR_SHORTCODES_MAP . 'countdown-box.php' );18: include_once( THIM_DIR_SHORTCODES_MAP . 'counters-box.php' );19: include_once( THIM_DIR_SHORTCODES_MAP . 'gallery-images.php' );20: include_once( THIM_DIR_SHORTCODES_MAP . 'gallery-posts.php' );21: include_once( THIM_DIR_SHORTCODES_MAP . 'google-map.php' );22: include_once( THIM_DIR_SHORTCODES_MAP . 'heading.php' );23: include_once( THIM_DIR_SHORTCODES_MAP . 'login-form.php' );24: include_once( THIM_DIR_SHORTCODES_MAP . 'timetable.php' );25: include_once( THIM_DIR_SHORTCODES_MAP . 'tab.php' );26: include_once( THIM_DIR_SHORTCODES_MAP . 'video.php' );27: include_once( THIM_DIR_SHORTCODES_MAP . 'icon-box.php' );28: include_once( THIM_DIR_SHORTCODES_MAP . 'image-box.php' );29: include_once( THIM_DIR_SHORTCODES_MAP . 'single-images.php' );30: include_once( THIM_DIR_SHORTCODES_MAP . 'social.php' );31: include_once( THIM_DIR_SHORTCODES_MAP . 'button.php' );32: include_once( THIM_DIR_SHORTCODES_MAP . 'list-post.php' );33: include_once( THIM_DIR_SHORTCODES_MAP . 'carousel-categories.php' );34: include_once( THIM_DIR_SHORTCODES_MAP . 'link.php' );35: include_once( THIM_DIR_SHORTCODES_MAP . 'multiple-images.php' );37: include_once( THIM_DIR_SHORTCODES_MAP . 'course-categories.php' );38: include_once( THIM_DIR_SHORTCODES_MAP . 'courses.php' );39: include_once( THIM_DIR_SHORTCODES_MAP . 'courses-searching.php' );40: include_once( THIM_DIR_SHORTCODES_MAP . 'list-instructors.php' );43: include_once( THIM_DIR_SHORTCODES_MAP . 'courses-collection.php' );46: include_once( THIM_DIR_SHORTCODES_MAP . 'one-course-instructors.php' );50: include_once( THIM_DIR_SHORTCODES_MAP . 'list-events.php' );53: include_once( THIM_DIR_SHORTCODES_MAP . 'testimonials.php' );56: include_once( THIM_DIR_SHORTCODES_MAP . 'our-team.php' );59: include_once( THIM_DIR_SHORTCODES_MAP . 'portfolio.php' );62: include_once( THIM_DIR_SHORTCODES_MAP . 'twitter.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes