0
Validation results

Mesmerize PRO

Mesmerize PRO

WordPress 6.5.3 theme
0
  • THEME TYPEWordPress theme 6.5.3
  • FILE NAMEmesmerize-pro.zip
  • FILE SIZE7018278 bytes
  • MD51d6094c69341fb4c16b70a38e855bbe2
  • SHA1b92079caa051de317105743dd3fcd9cc9ba7a115
  • LICENSEGNU GPL 3
  • FILES INCLUDEDCSS, PHP, HTML, Bitmap images
  • VERSION1.6.168
  • TAGSentertainment, food-and-drink, portfolio, one-column, two-columns, right-sidebar, grid-layout, custom-header, custom-menu, custom-logo, full-width-template, theme-options, translation-ready, featured-images, threaded-comments
  • CREATION DATE2024-04-29
  • LAST FILE UPDATE2024-04-29
  • LAST VALIDATION2024-04-29 19:14
This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Customizer : Sanitization of Customizer settings Found a Customizer setting that did not have a sanitization callback function in file multilanguage-mods.php. Every call to the add_setting() method needs to have a sanitization callback function passed.
  2. Security breaches : Modification of PHP server settings Found ini_set in file theme-updater.php.
    Ligne8: ini_set( 'display_errors', 1 );
    Ligne202: @ini_set( 'memory_limit', $new_memory_limit );
  3. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe style="width:100%; height:100%;min-height:inherit;display:block;" src="<?php echo esc_url($map_url); ?> in file maps.php.
    Ligne91: <iframe style='width:100%; height:100%;min-height:inherit;display:block;' s
  4. Malware : Operations on file system file_get_contents was found in the file buttons.php
    Ligne262: $imgData = file_get_contents($imgPath);
    file_get_contents was found in the file nav-bar.php
    Ligne1301: $content .= file_get_contents(get_template_directory() . '/assets/menu-vars/base.inc') 
    Ligne1302: $content .= file_get_contents(get_template_directory() . '/assets/menu-vars/{$variation
    Ligne1303: $content .= file_get_contents(get_template_directory() . '/assets/menu-vars/submenus.in
    file_get_contents was found in the file nav-bar.php
    Ligne1301: $content .= file_get_contents(get_template_directory() . '/assets/menu-vars/base.inc') 
    Ligne1302: $content .= file_get_contents(get_template_directory() . '/assets/menu-vars/{$variation
    Ligne1303: $content .= file_get_contents(get_template_directory() . '/assets/menu-vars/submenus.in
    file_get_contents was found in the file nav-bar.php
    Ligne1301: $content .= file_get_contents(get_template_directory() . '/assets/menu-vars/base.inc') 
    Ligne1302: $content .= file_get_contents(get_template_directory() . '/assets/menu-vars/{$variation
    Ligne1303: $content .= file_get_contents(get_template_directory() . '/assets/menu-vars/submenus.in
    file_get_contents was found in the file slider.php
    Ligne349: $imgData = file_get_contents($imgPath);
    file_put_contents was found in the file multilanguage.php
    Ligne7: //file_put_contents(ABSPATH.'/log-mods.txt', $time . '::'. $msg  . '\r\n', FI
    file_get_contents was found in the file templates-functions.php
    Ligne84: if ( ! preg_match( '|Template Name:(.*)$|mi', file_get_contents( $full_path ), $header ) ) {
    Ligne89: if ( preg_match( '|Template Post Type:(.*)$|mi', file_get_contents( $full_path ), $type ) ) {
    file_get_contents was found in the file templates-functions.php
    Ligne84: if ( ! preg_match( '|Template Name:(.*)$|mi', file_get_contents( $full_path ), $header ) ) {
    Ligne89: if ( preg_match( '|Template Post Type:(.*)$|mi', file_get_contents( $full_path ), $type ) ) {
    file_put_contents was found in the file functions.php
    Ligne317: //    file_put_contents(ABSPATH . '/wp-content/plugins/mods-exporter/preset.php',
    file_put_contents was found in the file theme-updater-class.php
    Ligne98: file_put_contents( ABSPATH . '/times.txt', time() . '\n', FILE_APPEND );
  5. Admin menu : Themes should use add_theme_page() for adding admin pages. File class-wp-license-manager-client.php :
    Ligne133: add_options_page(
Warning
  1. core scripts deregistered : Core scripts deregistrationFound wp_deregister_script in functions.php. Themes must not deregister core scripts.
    Ligne149: wp_deregister_script( '{$textDomain}-theme' );
  2. theme tags : Presence of bad theme tagsFound wrong tag custom-logo in style.css header.
  3. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments '%s License' in file class-wp-license-manager-client.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'License' in file class-wp-license-manager-client.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'License e-mail address' in file class-wp-license-manager-client.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'License key' in file class-wp-license-manager-client.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Insert your license information to enable updates.' in file class-wp-license-manager-client.php.Found a translation function that is missing a text-domain. Function __, with the arguments '%s License' in file class-wp-license-manager-client.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Please enter your email and license key to enable updates to %s.' in file class-wp-license-manager-client.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Complete the setup now.' in file class-wp-license-manager-client.php.Found a translation function that is missing a text-domain. Function esc_html__, with the arguments 'Sorry, you are not allowed to install themes on this site.' in file updater.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Upload Theme' in file updater.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Installing Theme from uploaded file: %s' in file updater.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments 'deactivate-license' in file theme-updater-admin.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments 'activate-license' in file theme-updater-admin.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments in file theme-updater-admin.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'An error occurred, please try again.' in file theme-updater-admin.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Your license key expired on %s.' in file theme-updater-admin.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Your license key has been disabled.' in file theme-updater-admin.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Invalid license.' in file theme-updater-admin.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Your license is not active for this URL.' in file theme-updater-admin.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'This appears to be an invalid license key for %s.' in file theme-updater-admin.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Your license key has reached its activation limit.' in file theme-updater-admin.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'An error occurred, please try again.' in file theme-updater-admin.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'An error occurred, please try again.' in file theme-updater-admin.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are mesmerize, one-page-express, memserize, mesmerize-pro, easy-theme-and-plugin-upgrades.
  4. Plugin territory : Plugin territory functionalitiesThe theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  5. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  6. Editor style : Presence of editor styleNo reference to add_editor_style() was found in the theme. It is recommended that the theme implements editor styling, so as to make the editor content match the resulting post output in the theme, for a better user experience.
  7. I18N implementation : Proper use of _e(Possible variable $this found in translation function in class-wp-license-manager-client.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in class-wp-license-manager-client.php. Translation function calls should not contain PHP variables. Possible variable $strings found in translation function in theme-updater-admin.php. Translation function calls should not contain PHP variables. Possible variable $strings found in translation function in theme-updater-admin.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in theme-updater-admin.php. Translation function calls should not contain PHP variables.
  8. I18N implementation : Proper use of ___all(Possible variable $this found in translation function in class-wp-license-manager-client.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in class-wp-license-manager-client.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in class-wp-license-manager-client.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in class-wp-license-manager-client.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in class-wp-license-manager-client.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in class-wp-license-manager-client.php. Translation function calls should not contain PHP variables.
  9. I18N implementation : Proper use of esc_attr_e(Possible variable $strings found in translation function in theme-updater-admin.php. Translation function calls should not contain PHP variables. Possible variable $strings found in translation function in theme-updater-admin.php. Translation function calls should not contain PHP variables.
  10. I18N implementation : Proper use of esc_html_e(Possible variable $this found in translation function in theme-updater-admin.php. Translation function calls should not contain PHP variables.
  11. Screenshot : Screenshot fileScreenshot size is 880x660px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.
Tip-off
  1. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  2. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  3. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  4. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  5. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  6. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  7. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  8. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  9. Optional files : Presence of archive template file archive.phpThis theme does not contain optional file archive.php.
  10. Optional files : Presence of search results template file search.phpThis theme does not contain optional file search.php.
  11. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  12. Optional files : Presence of 404 Not Found template file 404.phpThis theme does not contain optional file 404.php.
  13. Use of includes : Use of include or requireThe theme appears to use include or require : index.php
    Ligne29: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : theme-updater.php
    Ligne106: require_once( ABSPATH . 'wp-admin/includes/file.php' );
    Ligne135: require_once( ABSPATH . 'wp-admin/includes/class-pclzip.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : integration.php
    Ligne4: require(dirname(__FILE__) . '/updater.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : updater.php
    Ligne13: include_once(ABSPATH . 'wp-admin/includes/class-wp-upgrader.php');
    Ligne34: require_once(ABSPATH . 'wp-admin/admin-header.php');
    Ligne41: require_once(dirname(__FILE__) . '/theme-updater.php');
    Ligne50: include(ABSPATH . 'wp-admin/admin-footer.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : webgradients-list.php
    Ligne3: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : theme-updater.php
    Ligne10: include( dirname( __FILE__ ) . '/theme-updater-admin.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : theme-updater-admin.php
    Ligne349: include( dirname( __FILE__ ) . '/theme-updater-class.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : kirki.php
    Ligne33: include_once( dirname( __FILE__ ) . DIRECTORY_SEPARATOR . 'autoloader.php' 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : class-kirki-helper.php
    Ligne85: require_once( ABSPATH . '/wp-admin/includes/file.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : class-kirki-customize-control.php
    Ligne111: * @type string                $type            Control type. Core controls include 'text', 'checkbox',
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes