0
Validation results

Flatastic

Flatastic

WordPress 6.5.2 theme
0
  • THEME TYPEWordPress theme 6.5.2
  • FILE NAMEflatastic.zip
  • FILE SIZE7228639 bytes
  • MD56c31c1cd5dea74632875699c003f906c
  • SHA1ec2b1acd848e6cbae8f2bc59aa1c587b973d0e63
  • LICENSECustom
  • FILES INCLUDEDCSS, PHP, HTML, XML, Bitmap images, Adobe Photoshop, Adobe Illustrator
  • VERSION1.8.0
  • TAGSone-column, two-columns, left-sidebar, right-sidebar, sticky-post, theme-options
  • CREATION DATE2019-06-12
  • LAST FILE UPDATE2019-06-12
  • LAST VALIDATION2019-06-12 14:37
  • OTHER VERSIONS

    1.7.4 : 0%

This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Title : Title The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.
  2. Security breaches : Use of base64_decode() Found base64_decode in file import-class.php. 12: $options = unserialize(base64_decode($options));27: $widget_settings = unserialize(base64_decode($widget_settings));36: $sidebar_settings = unserialize(base64_decode($sidebar_settings));43: $woof_settings = unserialize(base64_decode($woof_settings));Found base64_decode in file functions-ajax.php. 94: $options = unserialize(base64_decode(file_get_contents( $file )));
  3. Security breaches : Use of base64_encode() Found base64_encode in file twitter-api-core.php. 
     $this->args['oauth_signature'] = base64_encode( hash_hmac( 'sha1', $str, $key, true ) );
    Found base64_encode in file export-class.php. 
     $export = base64_encode(serialize($export));
     $widget_settings = base64_encode(serialize($this->exportWidgets()));
     $sidebar_settings = base64_encode(serialize($this->exportSidebars()));
     $woof_settings = base64_encode(serialize($this->exportWoof()));
  4. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe src="https://mapsengine.google.com/map/u/0/embed?mid=z4vjH8i214vQ.kj0Xiukzzle4" width="640" height="480"> in file vc_mad_gmaps.php. 13: 'link' => '<iframe src='https://mapsengine.google.com/map/u/0/embed?mid=z4vjH8i214vQ.kFound <iframe src="https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d193578.74109040972!2d-73.97968099999999!3d40.703312749999995!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x89c24fa5d33f083b%3A0xc80b8f06e177fe62!2z0J3RjNGOLdCZ0L7RgNC6LCDQodCo0JA!5e0!3m2!1sru!2sua!4v1424385645246" width="400" height="300" style="border:0"> in file register-theme-options.php. 3162: 'std' => '<iframe src='https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d193578.7
  5. Malware : Operations on file system fopen was found in the file functions-helper.php 8: $handle = @fopen( $file, 'w' );15: $handle = fopen($file, 'r');50: $handle = @fopen($index_file, 'w');fwrite was found in the file functions-helper.php 11: $create = fwrite( $handle, $content );52: fwrite( $handle, '<?php\r\necho 'Browsing the directory is not allowed!';\rfclose was found in the file functions-helper.php 12: fclose( $handle );18: fclose( $handle );53: fclose( $handle );fopen was found in the file functions-helper.php 8: $handle = @fopen( $file, 'w' );15: $handle = fopen($file, 'r');50: $handle = @fopen($index_file, 'w');fread was found in the file functions-helper.php 16: $filecontent = fread($handle, filesize($file));fclose was found in the file functions-helper.php 12: fclose( $handle );18: fclose( $handle );53: fclose( $handle );fopen was found in the file functions-helper.php 8: $handle = @fopen( $file, 'w' );15: $handle = fopen($file, 'r');50: $handle = @fopen($index_file, 'w');fwrite was found in the file functions-helper.php 11: $create = fwrite( $handle, $content );52: fwrite( $handle, '<?php\r\necho 'Browsing the directory is not allowed!';\rfclose was found in the file functions-helper.php 12: fclose( $handle );18: fclose( $handle );53: fclose( $handle );file_get_contents was found in the file functions-ajax.php 93: if ( function_exists( 'file_get_contents' ) && $file != '' ) {94: $options = unserialize(base64_decode(file_get_contents( $file )));
  6. Admin menu : Themes should use add_theme_page() for adding admin pages. File twitter-api-admin.php : 190: add_options_page( $title, $title, 'manage_options', 'twitter-api-admin', 'tFile admin.php : 129: //add_action( 'admin_menu', array( $this, 'add_menu_page' ) );340: public function add_menu_page()342: $page = add_menu_page(__('Envato Market', 'envato-market'), __('Envato Market', 'enFile admin.php : 129: //add_action( 'admin_menu', array( $this, 'add_menu_page' ) );340: public function add_menu_page()342: $page = add_menu_page(__('Envato Market', 'envato-market'), __('Envato Market', 'enFile adminpages.class.php : 42: $stm_admin_menu_page_creation_method = 'add_menu_page';
  7. Deprecated functions : wp_get_http wp_get_http found in file wordpress-importer.php. Deprecated since version 4.4. Use WP_Http instead.866: $headers = wp_get_http( $url, $upload['file'] );
  8. Deprecated functions : bloginfo bloginfo('home') was found in the file wpml-integration.php. Use echo esc_url( home_url() ) instead.6: // - bloginfo('home')bloginfo('url') was found in the file wpml-integration.php. Use echo esc_url( home_url() ) instead.7: // - bloginfo('url')
  9. Deprecated functions : get_option get_option('home') was found in the file wpml-integration.php. Use home_url() instead.5: // - get_option('home')
  10. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was home.zip construction_2.zip constraction.zip.
Warning
  1. Text domain : Incorrect use of translation functions.Found a translation function that has an incorrect number of arguments. Function _n, with the arguments '%s download remaining', '%s downloads remaining', downloads_remaining, 'flatastic' in file my-downloads.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'flatastic' in file cart-totals.php.Found a translation function that is missing a text-domain. Function __, with the arguments "js_composer" in file config.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'You can also add it manually anywhere by using the %s shortcode' in file init.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'flatastic' in file twitter-api-core.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Widget title' in file latest-tweets.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file form.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file form.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments in file form.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Add Custom Tab' in file common-tab.class.php.Found a translation function that is missing a text-domain. Function __, with the arguments '%1$s is deprecated. Use %2$s instead.' in file functions-template.php.Found a translation function that has an incorrect number of arguments. Function _e, with the arguments 'I have read and agree to the <a target="_blank" href=', >Terms &amp; Conditions</a>., 'dokan' in file seller-registration-form.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are flatastic, downloads_remaining, yith-woocommerce-compare, woocommerce, yith-woocommerce-wishlist, i, dokan, >Terms &amp; Conditions</a>., tgmpa, envato-market.
  2. Plugin territory : Plugin territory functionalitiesThe theme uses the register_taxonomy() function, which is plugin-territory functionality.The theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  3. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  4. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  5. Editor style : Presence of editor styleNo reference to add_editor_style() was found in the theme. It is recommended that the theme implements editor styling, so as to make the editor content match the resulting post output in the theme, for a better user experience.
  6. I18N implementation : Proper use of _e(Possible variable $this found in translation function in form.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in form.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in form.php. Translation function calls should not contain PHP variables. Possible variable $toc_page_url found in translation function in seller-registration-form.php. Translation function calls should not contain PHP variables.
  7. I18N implementation : Proper use of ___all(Possible variable $label found in translation function in config.php. Translation function calls should not contain PHP variables. Possible variable $err found in translation function in twitter-api-core.php. Translation function calls should not contain PHP variables. Possible variable $text found in translation function in twitter-api-core.php. Translation function calls should not contain PHP variables.
  8. I18N implementation : Proper use of esc_attr_e(Possible variable $this found in translation function in form.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in form.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in form.php. Translation function calls should not contain PHP variables.
  9. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  2. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  3. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  4. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  5. Use of includes : Use of include or requireThe theme appears to use include or require : config.php 189: require_once($file); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : config.php 27: require_once( $this->paths['PHP'] . 'wpml-integration.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : class.woof.php 1211: include($pagepath); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : config.php 40: require($this->paths['PLUGINS'] . 'ajax_search/config.php');41: require($this->paths['PLUGINS'] . 'compare/config.php');42: require($this->paths['PLUGINS'] . 'wishlist/config.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : config.php 31: require( self::$pathes['PLUGINS'] . 'compare/widgets/class.yith-woocompare- If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : theme-helper.php 215: include(MAD_INCLUDES_PATH . $path . $view . '.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : functions-core.php 48: include( $located ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : widgets.php 141: include(POPWIDGET_ABSPATH . '/inc/widget.php');147: include(POPWIDGET_ABSPATH . '/inc/form.php');767: include(MAILCHIMP_ABSPATH . '/inc/widget.php');779: include(MAILCHIMP_ABSPATH . '/inc/form.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : config.php 47: require_once( $this->paths['PHP'] . 'functions-template.php' );48: require_once( $this->paths['PHP'] . 'ordering.class.php' );49: require_once( $this->paths['PHP'] . 'common-tab.class.php' );56: include( $this->paths['WIDGETS_DIR'] . 'class-wc-widget-products-specials.p64: include( $this->paths['PHP'] . 'dropdown-cart.class.php' );65: include( $this->paths['PHP'] . 'quick-view.class.php' );66: include( $this->paths['PHP'] . 'currency-switcher.class.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : register-theme-options.php 4: include('register-google-webfonts.php');7: include('register-color-schemes.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : admin.php 959: include_once(ABSPATH . 'wp-admin/includes/class-wp-upgrader.php');1158: require(envato_market()->get_plugin_path() . 'inc/admin/view/callback/admin1168: require(envato_market()->get_plugin_path() . 'inc/admin/view/callback/secti1178: require(envato_market()->get_plugin_path() . 'inc/admin/view/callback/secti1188: require(envato_market()->get_plugin_path() . 'inc/admin/view/callback/setti1198: require(envato_market()->get_plugin_path() . 'inc/admin/view/callback/setti1208: require(envato_market()->get_plugin_path() . 'inc/admin/view/partials/intro1218: require(envato_market()->get_plugin_path() . 'inc/admin/view/partials/tabs.1228: require(envato_market()->get_plugin_path() . 'inc/admin/view/partials/setti1238: require(envato_market()->get_plugin_path() . 'inc/admin/view/partials/theme1248: require(envato_market()->get_plugin_path() . 'inc/admin/view/partials/plugi1258: require(envato_market()->get_plugin_path() . 'inc/admin/view/notice/success1268: require(envato_market()->get_plugin_path() . 'inc/admin/view/notice/success1278: require(envato_market()->get_plugin_path() . 'inc/admin/view/notice/success1288: require(envato_market()->get_plugin_path() . 'inc/admin/view/notice/error.p1298: require(envato_market()->get_plugin_path() . 'inc/admin/view/notice/error-s If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : adminpages.class.php 16: require_once( get_template_directory() . '/admin/framework/php/envato-marke125: require_once( get_template_directory() . '/admin/framework/admin-pages/welc If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : global-object.class.php 30: include( MAD_FRAMEWORK::$path['configPath'] . 'register-theme-options.php' If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : inc-importer.php 22: require_once($class_wp_importer);31: require_once($class_wp_import);42: include_once('import-class.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : import-class.php 9: if ($option_file) @include_once($option_file); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : register-dynamic-styles.php 57: include(MAD_FRAMEWORK::$path['configPath'] . 'register-color-schemes.php');98: require(MAD_BASE_PATH . 'css/dynamic-global-css.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : functions-ajax.php 72: require_once('config-import-export/inc-importer.php');89: require_once('config-import-export/import-options.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : framework.php 30: require_once($this->paths['frameworkPHP'] . 'functions-helper.php');31: require_once($this->paths['frameworkPHP'] . 'breadcrumb.class.php');32: require_once($this->paths['frameworkPHP'] . 'sidebar-generator.class.php');33: require_once($this->paths['frameworkPHP'] . 'global-object.class.php');34: require_once($this->paths['frameworkPHP'] . 'adminpages.class.php');35: require_once($this->paths['frameworkPHP'] . 'html-helper.class.php');36: require_once($this->paths['frameworkPHP'] . 'functions-ajax.php');37: require_once($this->paths['frameworkPHP'] . 'config-import-export/export-cl38: require_once($this->paths['frameworkPHP'] . 'dynamic-style-creator.class.ph39: require_once($this->paths['frameworkPHP'] . 'facebook-page-likebox.php');40: require_once($this->paths['frameworkPHP'] . 'class-pinterest-widgets.php');41: require_once($this->paths['frameworkPHP'] . 'admin-aside-panel.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes
0

WordPress 6.5.2 theme

74

WordPress 6.5.2 theme

98

WordPress 6.5.2 theme