0
Validation results

JustNews

JustNews

WordPress 6.6.2 theme
0
  • THEME TYPEWordPress theme 6.6.2
  • FILE NAMEjustnews.zip
  • FILE SIZE1665807 bytes
  • MD5f92ecc2648110b9a7f5f54eacc971815
  • SHA1618a774f3ed2b9868fdb8c19bd45a77155cd13db
  • LICENSENone
  • FILES INCLUDEDCSS, PHP, HTML, XML, Bitmap images, Adobe Illustrator
  • THEME URIhttps://www.wpcom.cn/themes/justnews.html
  • VERSION4.3.0
  • AUTHOR URI
  • CREATION DATE2020-03-01
  • LAST FILE UPDATE2020-03-01
  • LAST VALIDATION2020-03-01 06:44
This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Customizer : Sanitization of Customizer settings Found a Customizer setting that did not have a sanitization callback function in file wpcom.php. Every call to the add_setting() method needs to have a sanitization callback function passed.
  2. Title : Title No reference to add_theme_support( "title-tag" ) was found in the theme.The theme needs to have <title> tags, ideally in the header.php file.The theme needs to have a call to wp_title(), ideally in the header.php file.The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.
  3. Security breaches : Modification of PHP server settings Found ini_set in file OneClickDemoImport.php. 205: ini_set( 'memory_limit', apply_filters( 'pt-ocdi/import_memory_limit', '350
  4. Security breaches : Use of base64_decode() Found base64_decode in file init.php. 833: $mirror = wp_upload_bits($filename, '', base64_decode(str_replace('data:image/jpeg;base64,', '', $img)), '1234/06')Found base64_decode in file panel.php. 261: $ops = base64_decode($ops);263: $ops = base64_decode(str_replace(md5($token), '', $ops));
  5. Security breaches : Use of base64_encode() Found base64_encode in file mobile-share.php.
     $img_base64 = 'data:' . $get['headers']['content-type'] . ';base64,' . base64_encode($get ['body']);
    Found base64_encode in file RoaAcsRequest.php.
     $this->headers['Content-MD5'] = base64_encode(md5(json_encode($content), true));
    Found base64_encode in file ShaHmac1Signer.php.
     return    base64_encode(hash_hmac('sha1', $source, $accessSecret, true));
    Found base64_encode in file ShaHmac256Signer.php.
     return    base64_encode(hash_hmac('sha256', $source, $accessSecret, true));
  6. Unwanted files : hidden file(s) or folder(s) .txt .url was found.
  7. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe class="sc-iframe" frameborder="0" src="'.admin_url('admin-ajax.php?action=wpcom_mce_panel&post=\'+$(\'#post_ID\').val()+\'').'"> in file shortcodes.php. 43: $('#sc-iframe').html(\'<iframe class='sc-iframe' frameborder='0' src=''.admin_url('admin-ajax.php?
  8. Malware : Operations on file system file_get_contents was found in the file EndpointConfig.php 21: $xml = simplexml_load_string(file_get_contents($endpoint_filename));file_get_contents was found in the file panel.php 286: if( function_exists('file_get_contents') ){287: $files = @file_get_contents( get_template_directory() . '/functions.php' );297: if( function_exists('file_get_contents') ){298: $files = @file_get_contents( FRAMEWORK_PATH . '/load.php' );file_get_contents was found in the file panel.php 286: if( function_exists('file_get_contents') ){287: $files = @file_get_contents( get_template_directory() . '/functions.php' );297: if( function_exists('file_get_contents') ){298: $files = @file_get_contents( FRAMEWORK_PATH . '/load.php' );file_get_contents was found in the file wpcom.php 209: $res['icons'] = json_decode(@file_get_contents($icons_file));238: $config = @file_get_contents($config_file);866: if($input = file_get_contents('php://input')){file_get_contents was found in the file wpcom.php 209: $res['icons'] = json_decode(@file_get_contents($icons_file));238: $config = @file_get_contents($config_file);866: if($input = file_get_contents('php://input')){file_get_contents was found in the file wpcom.php 209: $res['icons'] = json_decode(@file_get_contents($icons_file));238: $config = @file_get_contents($config_file);866: if($input = file_get_contents('php://input')){
  9. Malware : Network operations curl_init was found in the file HttpHelper.php 27: $ch = curl_init();curl_exec was found in the file HttpHelper.php 56: $httpResponse->setBody(curl_exec($ch));curl_init was found in the file SmsSenderUtil.php 143: $curl = curl_init();180: $curl = curl_init();curl_exec was found in the file SmsSenderUtil.php 153: $ret = curl_exec($curl);155: // curl_exec failed192: $result = curl_exec($curl);195: // curl_exec failedcurl_init was found in the file SmsSenderUtil.php 143: $curl = curl_init();180: $curl = curl_init();curl_exec was found in the file SmsSenderUtil.php 153: $ret = curl_exec($curl);155: // curl_exec failed192: $result = curl_exec($curl);195: // curl_exec failed
  10. Admin menu : Themes should use add_theme_page() for adding admin pages. File user-groups.php : 61: add_submenu_page('users.php', __('Groups', 'wpcom'), __('Groups', 'wpcom'),File plugin-activation.php : 732: $this->page_hook = call_user_func( 'add_submenu_page', $args['parent_slug'], $args['page_title'], $args['menu_tFile panel.php : 23: if(function_exists('add_menu_page')) {27: add_menu_page('主题设置', '主题设置', 'edit_theme_options', 'wpcom-29: add_menu_page('主题激活', '主题激活', 'edit_theme_options', 'wpcom-File panel.php : 23: if(function_exists('add_menu_page')) {27: add_menu_page('主题设置', '主题设置', 'edit_theme_options', 'wpcom-29: add_menu_page('主题激活', '主题激活', 'edit_theme_options', 'wpcom-File panel.php : 23: if(function_exists('add_menu_page')) {27: add_menu_page('主题设置', '主题设置', 'edit_theme_options', 'wpcom-29: add_menu_page('主题激活', '主题激活', 'edit_theme_options', 'wpcom-
  11. Hidden admin bar : Hidden admin Bar Themes should not hide admin bar. Detected in file : init.php.
  12. Content width : Proper definition of content_width No content width has been defined. Example:
    if ( ! isset( $content_width ) ) $content_width = 900;
  13. Deprecated functions : get_bloginfo get_bloginfo( 'url' ) was found in the file plugin-activation.php. Use home_url() instead.1106: return 'WordPress/' . get_bloginfo( 'version' ) . '; ' . get_bloginfo( 'url' );get_bloginfo('url') was found in the file header.php. Use home_url() instead.44: <form class='navbar-search' action='<?php echo get_bloginfo('url');?>' method='get' role='search'>59: <form style='margin-right: -15px;' class='navbar-search' action='<?php echo get_bloginfo('url');?>' method='get' role='search'>get_bloginfo('url') was found in the file searchform.php. Use home_url() instead.1: <form class='search-form' action='<?php echo get_bloginfo('url');?>' method='get' role='search'>get_bloginfo('url') was found in the file functions.php. Use home_url() instead.626: if(preg_match('%SITE_URL%', $copyright)) $copyright = str_replace('%SITE_URL%', get_bloginfo('url'), $copyright);get_bloginfo('url') was found in the file single-kuaixun.php. Use home_url() instead.8: <li class='home'><i class='fa fa-map-marker'></i> <a href='<?php echo get_bloginfo('url')?>'><?php _e('Home', 'wpcom');?></a>
  14. Deprecated functions : bloginfo bloginfo('url') was found in the file header.php. Use echo esc_url( home_url() ) instead.25: <a href='<?php bloginfo('url');?>' rel='home'><img src='<?php if($logo = isset($options['l44: <form class='navbar-search' action='<?php echo get_bloginfo('url');?>' method='get' role='search'>59: <form style='margin-right: -15px;' class='navbar-search' action='<?php echo get_bloginfo('url');?>' method='get' role='search'>bloginfo('url') was found in the file 404.php. Use echo esc_url( home_url() ) instead.9: <p><?php _e('We're sorry, but the page you're looking for may have been moved or deleted.', 'wpcom');?> <a href='<?php bloginfo('url');?>'><?php _e('Go home', 'wpcom');?></a></p>
Warning
  1. core scripts deregistered : Core scripts deregistrationFound wp_deregister_script in setup.php. Themes must not deregister core scripts. 212: wp_deregister_script( 'jquery' );
  2. theme tags : Presence of bad theme tagsFound wrong tag in style.css header.
  3. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments 'Someone has requested a password reset for the following account:' in file form-validation.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Site Name: %s' in file form-validation.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Username: %s' in file form-validation.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'If this was a mistake, just ignore this email and nothing will happen.' in file form-validation.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'To reset your password, visit the following address:' in file form-validation.php.Found a translation function that is missing a text-domain. Function __, with the arguments '[%s] Password Reset' in file form-validation.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Change' in file user-groups.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Filter' in file user-groups.php.Found a translation function that is missing a text-domain. Function __, with the arguments '%s' in file content-filter.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'If this was a mistake, just ignore this email and nothing will happen.' in file member-functions.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Clear' in file wpcom.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Default' in file wpcom.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Select Color' in file wpcom.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Current Color' in file wpcom.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Cannot import auto-draft posts' in file src/WXRImporter.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Skipping attachment "%s", fetching attachments disabled' in file src/WXRImporter.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are wpcom, woocommerce, wordpress-importer, pt-ocdi.
  4. Plugin territory : Plugin territory functionalitiesThe theme uses the register_post_type() function, which is plugin-territory functionality.The theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  5. Line endings consistency : Both DOS and UNIX style line endingsFound a mix of \r\n and \n line endings in file DescribeCaptchaMinRequest.php.Found a mix of \r\n and \n line endings in file DescribeCaptchaIpCityRequest.php.Found a mix of \r\n and \n line endings in file DescribeCaptchaRiskRequest.php.Found a mix of \r\n and \n line endings in file ConfigurationStyleRequest.php.Found a mix of \r\n and \n line endings in file CreateConfigurationRequest.php.Found a mix of \r\n and \n line endings in file AuthenticateSigRequest.php.Found a mix of \r\n and \n line endings in file SetEarlyWarningRequest.php.Found a mix of \r\n and \n line endings in file AnalyzeNvcRequest.php.Found a mix of \r\n and \n line endings in file DescribePersonMachineListRequest.php.Found a mix of \r\n and \n line endings in file DescribeCaptchaDayRequest.php.Found a mix of \r\n and \n line endings in file DescribeConfigNameRequest.php.Found a mix of \r\n and \n line endings in file DescribeEarlyWarningRequest.php.
  6. Hidden admin bar : Hidden admin Bar in CSSThemes should not hide admin bar. Detected in file style.css.
  7. Fundamental theme elements : Presence of add_theme_support()Could not find add_theme_support( 'automatic-feed-links' ).
  8. Fundamental theme elements : Presence of wp_link_pages()Could not find wp_link_pages.
  9. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  10. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  11. CSS files : Presence of license urlLicense URI: is missing from style.css header.
  12. CSS files : Presence of text domainText Domain: is missing from your style.css header.
  13. CSS files : Presence of .bypostauthor class.bypostauthor css class is needed in theme css.
  14. Screenshot : Screenshot fileScreenshot size is 600x450px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file shortcode.php.99: <div class='col-xs-10 col-xs-offset-2 desc'><p>图标请参考这里:<a href='https://fontawesome.com/v4.7.0/icons/' target='_blank'>https://fontawesome.130: <div class='col-xs-10 col-xs-offset-2 desc'><p>图标请参考这里:<a href='https://fontawesome.com/v4.7.0/icons/' target='_blank'>https://fontawesome.184: <div class='col-xs-10 col-xs-offset-2 desc'><p>图标请参考这里:<a href='https://fontawesome.com/v4.7.0/icons/' target='_blank'>https://fontawesome.99: <div class='col-xs-10 col-xs-offset-2 desc'><p>图标请参考这里:<a href='https://fontawesome.com/v4.7.0/icons/' target='_blank'>https://fontawesome.130: <div class='col-xs-10 col-xs-offset-2 desc'><p>图标请参考这里:<a href='https://fontawesome.com/v4.7.0/icons/' target='_blank'>https://fontawesome.184: <div class='col-xs-10 col-xs-offset-2 desc'><p>图标请参考这里:<a href='https://fontawesome.com/v4.7.0/icons/' target='_blank'>https://fontawesome.99: <div class='col-xs-10 col-xs-offset-2 desc'><p>图标请参考这里:<a href='https://fontawesome.com/v4.7.0/icons/' target='_blank'>https://fontawesome.130: <div class='col-xs-10 col-xs-offset-2 desc'><p>图标请参考这里:<a href='https://fontawesome.com/v4.7.0/icons/' target='_blank'>https://fontawesome.184: <div class='col-xs-10 col-xs-offset-2 desc'><p>图标请参考这里:<a href='https://fontawesome.com/v4.7.0/icons/' target='_blank'>https://fontawesome.Possible hard-coded links were found in the file Helpers.php.300: '<a href='http://gregorcapuder.com/wordpress-how-to-set-direct-filesystem-method/' ta
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  6. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  7. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  8. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  9. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  10. Use of includes : Use of include or requireThe theme appears to use include or require : social-login.php 462: include_once( ABSPATH . WPINC . '/registration.php' );556: require_once( ABSPATH . 'wp-admin/includes/upgrade.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : sesstion.php 74: require_once( ABSPATH . 'wp-admin/includes/upgrade.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : init.php 711: $html = '<div class='form-group'><label><i class='fa fa-'.$icon.''></i> <input type=''.$args['type'].'' class='form-input'.($require?' require':'').'' id=''.$name.'' name=''.$name.'' placeholder=''.$placeholder If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : Config.php 20: include_once 'Autoloader/Autoloader.php';21: include_once 'Regions/EndpointConfig.php';22: include_once 'Regions/LocationService.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : DefaultProfileTest.php 20: include_once '../../Config.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : EndPointByLocationTest.php 9: include_once '../../Config.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : EndpointProviderTest.php 20: include_once '../../Config.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : ShaHmac256SignerTest.php 20: include_once '../../Config.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : CredentialTest.php 20: include_once '../../Config.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : ShaHmac1SignerTest.php 20: include_once '../../Config.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : BaseTest.php 27: include_once 'Ecs/Rquest/DescribeRegionsRequest.php';28: include_once 'BatchCompute/ListImagesRequest.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : DefaultAcsClientTest.php 20: include_once 'BaseTest.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : HttpHelperTest.php 20: include_once '../BaseTest.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : InteTest.php 8: require_once '../../Config.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : wpcom.php 620: if (!function_exists('file_is_displayable_image')) include( ABSPATH . 'wp-admin/includes/image.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : CustomizerImporter.php 186: require_once( ABSPATH . 'wp-admin/includes/media.php' );187: require_once( ABSPATH . 'wp-admin/includes/file.php' );188: require_once( ABSPATH . 'wp-admin/includes/image.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes