0
Validation results

RM Capital

RM Capital

WordPress 6.7.1 theme
0
  • THEME TYPEWordPress child theme 6.7.1
  • FILE NAMEnewstore-child.zip
  • FILE SIZE6583120 bytes
  • MD501599d18340ede7762d97355b36b975d
  • SHA19bbc2be585ab8801ba86a294dff3582b6e6d67b2
  • LICENSENone
  • FILES INCLUDEDCSS, PHP, Bitmap images
  • VERSION1.3.7.1571753781
  • TAGSe-commerce,portfolio,blog,custom-logo,custom-header,custom-menu,featured-images,full-width-template,right-sidebar,left-sidebar,sticky-post,theme-options,threaded-comments,translation-ready,one-column,two-columns,footer-widgets,rtl-language-support
  • CREATION DATE2023-02-28
  • LAST FILE UPDATE2023-02-28
  • LAST VALIDATION2023-02-28 15:20
This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Security breaches : Use of PHP sytem calls Found popen in file class.phpmailer.php. 1211: if(!@$mail = popen($sendmail, 'w')) {1241: if(!@$mail = popen($sendmail, 'w')) {
  2. Security breaches : Modification of PHP server settings Found ini_set in file class.phpmailer.php. 1307: ini_set('sendmail_from', $this->Sender);1367: ini_set('sendmail_from', $old_from);
  3. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe src="https://www.youtube.com/embed/<?php echo str_replace('https://youtu.be/', '', get_field('youtube_video_link')) ?> in file single-youtube-videos.php. 32: <iframe src='https://www.youtube.com/embed/<?php echo str_replace('https://Found <iframe width="560" height="315" src="https://www.youtube.com/embed/'+$(this).closest('.item-video').attr('yt-id').replace('https://youtu.be/', '')+'" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen> in file functions.php. 532: $('body').prepend('<div class='yt-iframe-wrap'><div class='yt-iframe'><a href='javascript:;' class='yt-close'><img src='https://demo.staging-plus.net/clients/rmcap/wp-content/themes/newstore-child/images/close-img.png' class='img' ></a><iframe width='560' height='315' src='https://www.youtube.com/embed/'+$(thi
  4. Malware : Operations on file system fclose was found in the file class.pop3.php 318: fclose($this->pop_conn);fwrite was found in the file class.pop3.php 345: $bytes_sent = fwrite($this->pop_conn, $string, strlen($string));fclose was found in the file class.smtp.php 298: fclose($this->smtp_conn);file_put_contents was found in the file class.phpmailer.php 2473: file_put_contents($file, $body); //TODO check this workedfile_get_contents was found in the file class.phpmailer.php 2483: $body = file_get_contents($signed);2945: $file_buffer = file_get_contents($path);4429: $privKeyStr = file_get_contents($this->DKIM_private);file_get_contents was found in the file class.phpmailer.php 2483: $body = file_get_contents($signed);2945: $file_buffer = file_get_contents($path);4429: $privKeyStr = file_get_contents($this->DKIM_private);fopen was found in the file class.phpmailer.php 3399: $fp = fopen('php://temp/', 'r+');fclose was found in the file class.phpmailer.php 3417: fclose($fp);file_get_contents was found in the file class.phpmailer.php 2483: $body = file_get_contents($signed);2945: $file_buffer = file_get_contents($path);4429: $privKeyStr = file_get_contents($this->DKIM_private);
  5. Malware : Network operations fsockopen was found in the file class.pop3.php 205: Rather than supress it with @fsockopen, let's capture it cleanly instead211: $this->pop_conn = fsockopen($host, // POP3 Hostfsockopen was found in the file class.smtp.php 128: $this->smtp_conn = @fsockopen($host, // the host of the server
  6. Hidden admin bar : Hidden admin Bar Themes should not hide admin bar. Detected in file : functions.php.
Warning
  1. theme tags : Presence of bad theme tagsFound wrong tag custom-logo in style.css header.
  2. Text domain : Incorrect use of translation functions.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are user-registration, newstore, twentythirteen, twentytwenty, your_text_domain.
  3. Plugin territory : Plugin territory functionalitiesThe theme uses the register_post_type() function, which is plugin-territory functionality.The theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  4. CSS files : Presence of license typeLicense: is missing from style.css header.
  5. CSS files : Presence of license urlLicense URI: is missing from style.css header.
  6. CSS files : Presence of text domainText Domain: is missing from your style.css header.
Tip-off
  1. Use of includes : Use of include or requireThe theme appears to use include or require : mail.php 3: require 'phpmailer/class.phpmailer.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : r-u-login.php 3: require '../../../wp-load.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : video-page.php 34: <?php include 'sidebar-vid-post.php'; ?> If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : vid-post-page.php 33: <?php include 'sidebar-vid-post.php'; ?> If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : post-page.php 33: <?php include 'sidebar-vid-post.php'; ?> If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : frontpage.php 34: <?php include 'sidebar-vid-post.php'; ?> If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes