0
Validation results

Reco

Reco

WordPress 6.7 theme
0
  • THEME TYPEWordPress theme 6.7
  • FILE NAMEwp-reco.zip
  • FILE SIZE1644913 bytes
  • MD53e447e8f4982df0d5a62b9eacc7b461e
  • SHA1043ecde339a3e2d85e5487cb789859bb08c22193
  • LICENSECustom
  • FILES INCLUDEDCSS, PHP, XML, Bitmap images, Adobe Illustrator
  • VERSION4.0.0
  • TAGSsuper-light, speed, colorfull, freebies, magazine, two-columns, three-columns, responsive-layout, custom-colors, theme-options, translation-ready
  • CREATION DATE2020-01-27
  • LAST FILE UPDATE2020-07-20
  • LAST VALIDATION2020-07-20 11:41
  • OTHER VERSIONS

    3.3.2 : 73%

    3.1.4 : 73%

    3.1.3 : 12%

This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Security breaches : Use of PHP sytem calls Found ->exec in file RedisHandler.php. 79: ->exec();
  2. Security breaches : Use of backticks execution operators in PHP code Found ` in file MercurialProcessor.php. 53: $result = explode(' ', trim(`hg id -nb`));Found ` in file GitProcessor.php. 54: $branches = `git branch -v --no-abbrev`;
  3. Security breaches : Use of base64_encode() Found base64_encode in file ChromePHPHandler.php.
     $data = base64_encode(utf8_encode($json));
     $data = base64_encode(utf8_encode($json));
  4. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe title="<?php the_title(); ?>" src="<?php echo esc_url(EPCL_THEMEPATH); ?>/assets/images/transparent.gif" data-lazy="true" data-src="<?php echo esc_url($video_url); ?> in file post-formats.php. 148: <iframe title='<?php the_title(); ?>' src='<?php echo esc_url(EPCL_THEMEPAT
  5. Malware : Operations on file system file_get_contents was found in the file class-merlin-widget-importer.php 77: $data = file_get_contents( $file );file_get_contents was found in the file class-merlin-customizer-importer.php 64: $raw = file_get_contents( $import_file_path );file_get_contents was found in the file class-merlin-redux-importer.php 25: $redux_options_raw_data = file_get_contents( $redux_item['file_path'] );file_put_contents was found in the file class-merlin-downloader.php 43: $saved_file = file_put_contents( $this->download_directory_path . $filename, $content );fread was found in the file SlackHandler.php 160: @fread($res, 2048);fopen was found in the file DeduplicationHandler.php 140: $handle = fopen($this->deduplicationStore, 'rw+');fwrite was found in the file DeduplicationHandler.php 156: fwrite($handle, $log);fclose was found in the file DeduplicationHandler.php 160: fclose($handle);file_put_contents was found in the file DeduplicationHandler.php 167: file_put_contents($this->deduplicationStore, $record['datetime']->getTimestfile_get_contents was found in the file CouchDBHandler.php 60: if (false === @file_get_contents($url, null, $context)) {fclose was found in the file StreamHandler.php 63: fclose($this->stream);fopen was found in the file StreamHandler.php 100: $this->stream = fopen($this->url, 'a');135: $this->errorMessage = preg_replace('{^(fopen|mkdir)\(.*?\): }', '', $msg);fwrite was found in the file StreamHandler.php 130: fwrite($stream, (string) $record['formatted']);fclose was found in the file SocketHandler.php 78: fclose($this->resource);fwrite was found in the file SocketHandler.php 225: protected function fwrite($data)227: return @fwrite($this->resource, $data);300: $chunk = $this->fwrite($data);302: $chunk = $this->fwrite(substr($data, $sent));fwrite was found in the file SocketHandler.php 225: protected function fwrite($data)227: return @fwrite($this->resource, $data);300: $chunk = $this->fwrite($data);302: $chunk = $this->fwrite(substr($data, $sent));fwrite was found in the file SocketHandler.php 225: protected function fwrite($data)227: return @fwrite($this->resource, $data);300: $chunk = $this->fwrite($data);302: $chunk = $this->fwrite(substr($data, $sent));fwrite was found in the file SocketHandler.php 225: protected function fwrite($data)227: return @fwrite($this->resource, $data);300: $chunk = $this->fwrite($data);302: $chunk = $this->fwrite(substr($data, $sent));
  6. Malware : Network operations curl_init was found in the file SlackbotHandler.php 72: $ch = curl_init();curl_init was found in the file MandrillHandler.php 55: $ch = curl_init();curl_init was found in the file CubeHandler.php 91: $this->httpConnection = curl_init('http://'.$this->host.':'.$this->port.'/1.0/event/put');curl_init was found in the file LogglyHandler.php 87: $ch = curl_init();curl_init was found in the file IFTTTHandler.php 58: $ch = curl_init();curl_init was found in the file SlackWebhookHandler.php 83: $ch = curl_init();fsockopen was found in the file SocketHandler.php 17: * Stores to any socket - uses fsockopen() or pfsockopen().20: * @see http://php.net/manual/en/function.fsockopen.php98: * @see http://php.net/manual/en/function.fsockopen.php183: * UDP might appear to be connected but might fail when writing. See http://php.net/fsockopen for details.196: protected function pfsockopen()198: return @pfsockopen($this->connectionString, -1, $this->errno, $this->errstr, $this->204: protected function fsockopen()206: return @fsockopen($this->connectionString, -1, $this->errno, $this->errstr, $this->276: $resource = $this->pfsockopen();278: $resource = $this->fsockopen();pfsockopen was found in the file SocketHandler.php 17: * Stores to any socket - uses fsockopen() or pfsockopen().196: protected function pfsockopen()198: return @pfsockopen($this->connectionString, -1, $this->errno, $this->errstr, $this-276: $resource = $this->pfsockopen();pfsockopen was found in the file SocketHandler.php 17: * Stores to any socket - uses fsockopen() or pfsockopen().196: protected function pfsockopen()198: return @pfsockopen($this->connectionString, -1, $this->errno, $this->errstr, $this-276: $resource = $this->pfsockopen();pfsockopen was found in the file SocketHandler.php 17: * Stores to any socket - uses fsockopen() or pfsockopen().196: protected function pfsockopen()198: return @pfsockopen($this->connectionString, -1, $this->errno, $this->errstr, $this-276: $resource = $this->pfsockopen();fsockopen was found in the file SocketHandler.php 17: * Stores to any socket - uses fsockopen() or pfsockopen().20: * @see http://php.net/manual/en/function.fsockopen.php98: * @see http://php.net/manual/en/function.fsockopen.php183: * UDP might appear to be connected but might fail when writing. See http://php.net/fsockopen for details.196: protected function pfsockopen()198: return @pfsockopen($this->connectionString, -1, $this->errno, $this->errstr, $this->204: protected function fsockopen()206: return @fsockopen($this->connectionString, -1, $this->errno, $this->errstr, $this->276: $resource = $this->pfsockopen();278: $resource = $this->fsockopen();fsockopen was found in the file SocketHandler.php 17: * Stores to any socket - uses fsockopen() or pfsockopen().20: * @see http://php.net/manual/en/function.fsockopen.php98: * @see http://php.net/manual/en/function.fsockopen.php183: * UDP might appear to be connected but might fail when writing. See http://php.net/fsockopen for details.196: protected function pfsockopen()198: return @pfsockopen($this->connectionString, -1, $this->errno, $this->errstr, $this->204: protected function fsockopen()206: return @fsockopen($this->connectionString, -1, $this->errno, $this->errstr, $this->276: $resource = $this->pfsockopen();278: $resource = $this->fsockopen();pfsockopen was found in the file SocketHandler.php 17: * Stores to any socket - uses fsockopen() or pfsockopen().196: protected function pfsockopen()198: return @pfsockopen($this->connectionString, -1, $this->errno, $this->errstr, $this-276: $resource = $this->pfsockopen();fsockopen was found in the file SocketHandler.php 17: * Stores to any socket - uses fsockopen() or pfsockopen().20: * @see http://php.net/manual/en/function.fsockopen.php98: * @see http://php.net/manual/en/function.fsockopen.php183: * UDP might appear to be connected but might fail when writing. See http://php.net/fsockopen for details.196: protected function pfsockopen()198: return @pfsockopen($this->connectionString, -1, $this->errno, $this->errstr, $this->204: protected function fsockopen()206: return @fsockopen($this->connectionString, -1, $this->errno, $this->errstr, $this->276: $resource = $this->pfsockopen();278: $resource = $this->fsockopen();curl_exec was found in the file Util.php 35: if (curl_exec($ch) === false) {
  7. Admin menu : Themes should use add_theme_page() for adding admin pages. File class-merlin.php : 433: $this->hook_suffix = add_submenu_page(
  8. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was wp-reco-child.zip.
Warning
  1. theme tags : Presence of bad theme tagsFound wrong tag super-light in style.css header.Found wrong tag speed in style.css header.Found wrong tag colorfull in style.css header.Found wrong tag freebies in style.css header.Found wrong tag magazine in style.css header.The tag responsive-layout has been deprecated, it must be removed from style.css header.
  2. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments 'Cannot import auto-draft posts' in file src/WXRImporter.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Skipping attachment "%s", fetching attachments disabled' in file src/WXRImporter.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are reco, woocommerce, @@textdomain, wordpress-importer, tgmpa.
  3. Plugin territory : Plugin territory functionalitiesThe theme uses the register_taxonomy() function, which is plugin-territory functionality.
  4. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  5. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  6. I18N implementation : Proper use of _e(Possible variable $wp_query found in translation function in author.php. Translation function calls should not contain PHP variables. Possible variable $total_posts found in translation function in classic-posts.php. Translation function calls should not contain PHP variables. Possible variable $wp_query found in translation function in classic-posts.php. Translation function calls should not contain PHP variables. Possible variable $total_posts found in translation function in grid-posts.php. Translation function calls should not contain PHP variables. Possible variable $wp_query found in translation function in grid-posts.php. Translation function calls should not contain PHP variables. Possible variable $total_posts found in translation function in grid-sidebar.php. Translation function calls should not contain PHP variables. Possible variable $wp_query found in translation function in grid-sidebar.php. Translation function calls should not contain PHP variables.
  7. I18N implementation : Proper use of esc_html_e(Possible variable $wp_query found in translation function in author.php. Translation function calls should not contain PHP variables. Possible variable $total_posts found in translation function in classic-posts.php. Translation function calls should not contain PHP variables. Possible variable $wp_query found in translation function in classic-posts.php. Translation function calls should not contain PHP variables. Possible variable $total_posts found in translation function in grid-posts.php. Translation function calls should not contain PHP variables. Possible variable $wp_query found in translation function in grid-posts.php. Translation function calls should not contain PHP variables. Possible variable $total_posts found in translation function in grid-sidebar.php. Translation function calls should not contain PHP variables. Possible variable $wp_query found in translation function in grid-sidebar.php. Translation function calls should not contain PHP variables.
  8. Screenshot : Screenshot fileScreenshot size is 880x660px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.
Tip-off
  1. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  2. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  3. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  4. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  5. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  6. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  7. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  8. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  9. Use of includes : Use of include or requireThe theme appears to use include or require : class-merlin-customizer-importer.php 173: require_once( ABSPATH . 'wp-admin/includes/media.php' );174: require_once( ABSPATH . 'wp-admin/includes/file.php' );175: require_once( ABSPATH . 'wp-admin/includes/image.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes