9
Validation results

Eduma

Eduma

WordPress 6.5.2 theme
9
This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Title : Title The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.
  2. Security breaches : Use of base64_encode() Found base64_encode in file slider.php. 
     $toSend      = base64_encode( $credentials );
    Found base64_encode in file base.php. 
     $toSend      = base64_encode( $credentials );
  3. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe frameborder="0" scrolling="no" marginheight="0" marginwidth="0" src="https://maps.google.com/maps?q=%1$s&amp;t=m&amp;z=%2$d&amp;output=embed&amp;iwloc=near" title="%3$s" aria-label="%3$s"> in file base.php. 29: '<div class='thim-map-iframe'' . $style_height . '><iframe frameborder='0' scrolling='no' marginheight='0' marginwidth='0' srcFound <iframe id="thim-video" width="'.$width.'" height="'.$height.'" src="https://www.youtube.com/embed/' . esc_attr( $instance['youtube_id'] ) . '" allowfullscreen style="border: 0;"> in file base.php. 18: echo '<div class='video'><iframe id='thim-video' width=''.$width.'' height=''.$height.'' src='https:Found <iframe id="thim-video" width="' . $width . '" height="' . $height . '" src="https://www.youtube.com/embed/' . esc_attr( $instance['youtube_id'] ) . '" allowfullscreen style="border: 0;"> in file popup.php. 36: echo '<div class='video'><iframe id='thim-video' width='' . $width . '' height='' . $height . '' srcFound <iframe height="500" src="' . esc_attr( $instance['external_video'] ) . '" allowfullscreen="" style="border: 0px;"> in file default.php. 36: echo '<iframe height='500' src='' . esc_attr( $instance['external_video'] ) . '' Found <iframe id="thim-video" width="' . $width . '" height="' . $height . '" src="https://www.youtube.com/embed/' . esc_attr( $instance['youtube_id'] ) . '" allowfullscreen style="border: 0;"> in file image-popup.php. 33: echo '<div class='video'><iframe id='thim-video' width='' . $width . '' height='' . $height . '' srcFound <iframe width="100%" height="250" src="https://www.youtube.com/embed/' . get_post_meta( get_the_ID(), 'project_video_embed', true ) . '" frameborder="0" allowfullscreen> in file base.php. 383: echo '<iframe width='100%' height='250' src='https://www.youtube.com/embed/' . geFound <iframe src="http://player.vimeo.com/video/' . substr( $att, 2 ) . '?title=0&amp;byline=0&amp;portrait=0&amp;color=ffffff" width="auto" height="500px" frameborder="0"> in file right-floating-sidebar.php. 16: echo '<iframe src='http://player.vimeo.com/video/' . substr( $att, 2 ) . '?title=Found <iframe src="http://player.vimeo.com/video/' . substr( $att, 2 ) . '?title=0&amp;byline=0&amp;portrait=0&amp;color=ffffff" width="auto" height="500px" frameborder="0"> in file left-floating-sidebar.php. 55: echo '<iframe src='http://player.vimeo.com/video/' . substr( $att, 2 ) . '?title=Found <iframe src="http://player.vimeo.com/video/' . substr( $att, 2 ) . '?title=0&amp;byline=0&amp;portrait=0&amp;color=ffffff" width="auto" height="500px" frameborder="0"> in file sidebar-slider.php. 13: echo '<li><iframe src='http://player.vimeo.com/video/' . substr( $att, 2 ) . '?title=Found <iframe title="YouTube video player" class="youtube-video" allowfullscreen type="text/html" width="100%" height="500" src="https://www.youtube.com/embed/' . get_post_meta( get_the_ID(), 'project_video_embed', true ) . '" frameborder="0"> in file video.php. 12: echo '<iframe title='YouTube video player' class='youtube-video' allowfullscreen
  4. Malware : Network operations curl_init was found in the file register-functions.php 528: $curl = curl_init();curl_exec was found in the file register-functions.php 546: curl_exec( $curl );
Warning
  1. core scripts deregistered : Core scripts deregistrationFound wp_deregister_script in functions.php. Themes must not deregister core scripts. 540: wp_deregister_script( 'block-ui' );
  2. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file basic-information.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments 'rated' in file course-rate.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments 'rated' in file course-rate.php.Found a translation function that is missing a text-domain. Function esc_html__, with the arguments 'Thim: Counters Box' in file class-el-counters-box.php.Found a translation function that is missing a text-domain. Function esc_html__, with the arguments 'Students' in file grid-instructor-v3.php.Found a translation function that is missing a text-domain. Function esc_html__, with the arguments 'Select' in file config.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Site Name: %s' in file custom-functions.php.Found a translation function that is missing a text-domain. Function esc_html__, with the arguments 'eduma' in file custom-functions.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file learnpress-functions.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file learnpress-functions.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file learnpress-functions.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file learnpress-functions.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file learnpress-functions.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file learnpress-functions.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file learnpress-functions.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file learnpress-functions.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file learnpress-functions.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file learnpress-functions.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file learnpress-functions.php.Found a translation function that is missing a text-domain. Function __, with the arguments '<strong>Error</strong>: There is no account with that username or email address.' in file register-functions.php.Found a translation function that has an incorrect number of arguments. Function __, with the arguments '<strong>Important!</strong> This Eduma version requires Thim Core plugin 2.0.0 or higher, please go <a href="', >here</a> and update the plugin., 'eduma' in file thim-core-function.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Remove Image' in file Tax-meta-class.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Upload Image' in file Tax-meta-class.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments 'rated' in file course-rate.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments 'rated' in file course-rate.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are eduma, learnpress, learnpress-buddypress, learnpress-co-instructor, learnpress-certificates, mag-wp, thim-core, >here</a> and update the plugin., bbpress, pmpro, eduma-child-kid-art, learnpress-course-review, learnpress-wishlist.
  3. PHP short tags : Presence of PHP short tagsPHP short tags were found in file content-archive-course.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.131: }else{echo $set_layout; } ?>' data-cookie='grid-layout' data-attr = '<?= $set_layout;?>'>PHP short tags were found in file archive-collection-course.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.79: }else{echo $set_layout; } ?>' data-cookie='grid-layout' data-attr = '<?= $set_layout;?>'>
  4. Hidden admin bar : Hidden admin Bar in CSSThemes should not hide admin bar. Detected in file style.css.
  5. I18N implementation : Proper use of _e(Possible variable $user found in translation function in basic-information.php. Translation function calls should not contain PHP variables. Possible variable $item found in translation function in course-rate.php. Translation function calls should not contain PHP variables. Possible variable $item found in translation function in course-rate.php. Translation function calls should not contain PHP variables. Possible variable $input_id found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $term found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $input_id found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $term found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $input_child_id found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $child_id found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $input_child_id found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $term_child found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $instructor_id found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $instructor_id found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $instructor_id found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $item found in translation function in course-rate.php. Translation function calls should not contain PHP variables. Possible variable $item found in translation function in course-rate.php. Translation function calls should not contain PHP variables.
  6. I18N implementation : Proper use of ___all(Possible variable $title found in translation function in custom-functions.php. Translation function calls should not contain PHP variables. Possible variable $link found in translation function in thim-core-function.php. Translation function calls should not contain PHP variables.
  7. I18N implementation : Proper use of esc_attr_e(Possible variable $input_id found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $term found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $input_id found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $input_child_id found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $child_id found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $input_child_id found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $instructor_id found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $instructor_id found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $instructor_id found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables.
  8. I18N implementation : Proper use of esc_html___all(Possible variable $title found in translation function in custom-functions.php. Translation function calls should not contain PHP variables.
  9. I18N implementation : Proper use of esc_html_e(Possible variable $user found in translation function in basic-information.php. Translation function calls should not contain PHP variables. Possible variable $item found in translation function in course-rate.php. Translation function calls should not contain PHP variables. Possible variable $item found in translation function in course-rate.php. Translation function calls should not contain PHP variables. Possible variable $term found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $term_child found in translation function in learnpress-functions.php. Translation function calls should not contain PHP variables. Possible variable $item found in translation function in course-rate.php. Translation function calls should not contain PHP variables. Possible variable $item found in translation function in course-rate.php. Translation function calls should not contain PHP variables.
  10. Date and time implementation : Use of date_i18n()At least one hard coded date was found in the file checkout.php. Function get_option( 'date_format' ) should be used instead.At least one hard coded date was found in the file checkout.php. Function get_option( 'date_format' ) should be used instead.
  11. Screenshot : Screenshot fileScreenshot size is 880x660px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. theme tags : Presence of bad theme tagsThemes that use the tag accessibility-ready will need to undergo an accessibility review.
    See https://make.wordpress.org/themes/handbook/review/accessibility/
  2. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file installer.php.780: echo '<mark class='error'><span class='dashicons dashicons-warning'></span> ' . sprintf( __( '%1$s - We recommend a minimum PHP version of 5.6. See: %2$s', 'eduma' ), esc_html( $args['php_version'] ), '<a href='https://goo.gl/WRBYv3' target='_blank'>' . __( 'How to update your PHP versPossible hard-coded links were found in the file custom-functions.php.3882: echo '<p><i>If you want to import data with <b>WPBakery</b> or <b>SiteOrigin</b> Page Builder <a href='https://thimpress.com/knowledge-base/how-to-import-data-with-wpbakery-or-si
  3. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  4. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  5. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  6. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  7. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  8. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  9. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  10. Use of includes : Use of include or requireThe theme appears to use include or require : woocommerce.php 107: include_once( get_stylesheet_directory() . '/woocommerce/widgets/class-wc-w109: include_once( 'widgets/class-wc-widget-cart.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : result.php 33: If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : shortcodes.php 2: include_once( THIM_DIR . '/inc/widgets/login-popup/login-popup.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : installer.php 114: require_once( ABSPATH . '/wp-admin/includes/file.php' );168: require_once 'class-thim-plugin.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : class-thim-plugin.php 3: include_once( ABSPATH . 'wp-admin/includes/plugin.php' );591: include_once( ABSPATH . 'wp-admin/includes/plugin-install.php' );616: include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );617: include_once( ABSPATH . 'wp-admin/includes/plugin-install.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : custom-functions.php 889: include_once( ABSPATH . 'wp-admin/includes/plugin.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : tax_to_term_meta.php 17: * require_once('Tax-meta-class/migration/tax_to_term_meta.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes
0

WordPress 6.5.2 theme

95

WordPress 6.5.2 theme

97

WordPress 6.5.2 theme