0
Validation results

Scalia

Scalia

WordPress 6.5.2 theme
0
  • THEME TYPEWordPress theme 6.5.2
  • FILE NAMEScalia_theme.zip
  • FILE SIZE4050968 bytes
  • MD58ec211c587b6512586b69a389b754c1e
  • SHA1c3be8ef1f37e1aa76818c5deb82330eae36b0f40
  • LICENSEGNU GPL 2
  • FILES INCLUDEDCSS, PHP, HTML, XML, Bitmap images, Adobe Illustrator
  • THEME URIhttp://codex-themes.com/scalia/
  • VERSION1.6.3.1
  • AUTHOR URI
  • TAGSone-column, two-columns, left-sidebar, right-sidebar, responsive-layout, custom-background, custom-colors, custom-header, custom-menu, featured-images, flexible-header, full-width-template, theme-options, translation-ready, dark, light
  • CREATION DATE2020-01-16
  • LAST FILE UPDATE2020-03-01
  • LAST VALIDATION2020-03-01 18:47
This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Title : Title The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.
  2. Security breaches : Modification of PHP server settings Found ini_set in file deploy.php. 4: ini_set('display_errors',1);747: ini_set('output_buffering', 'off');748: ini_set('zlib.output_compression', false);750: ini_set('implicit_flush', true);
  3. Security breaches : Use of base64_decode() Found base64_decode in file options.php. 3252: update_option('scalia_theme_options', unserialize(base64_decode($settings['settings'])));3256: update_option('scalia_theme_options', unserialize(base64_decode($_REQUEST['import_settings'])));
  4. Security breaches : Use of base64_encode() Found base64_encode in file options.php. 
     <textarea name='import_settings' cols='100' rows='8'><?php if($settings = get_option('scalia_theme_options')) { echo base64_encode(serialize($settings)); } ?></textarea>
     update_option('scalia_theme_options_backup', array('date' => time(), 'settings' => base64_encode(serialize($settings))));
  5. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe src="https://www.google.com/maps/d/embed?mid=zy8g7PkInS5s.k1_kczfkJRjs" width="100%" height="480"> in file vc_gmaps.php. 6: 'link' => '<iframe src='https://www.google.com/maps/d/embed?mid=zy8g7PkInS5s.k1_kczfkJFound <iframe src="about:blank" name="log" style="width:100%;height:100%;"> in file deploy.php. 763: <iframe src='about:blank' name='log' style='width:100%;height:100%;'></ifraFound <iframe src="'.esc_url($link).'" frameborder="0"> in file content.php. 510: $video_block = '<iframe src=''.esc_url($link).'' frameborder='0'></iframe>';
  6. Malware : Operations on file system file_put_contents was found in the file deploy.php 546: $res=file_put_contents($filename,$content);file_put_contents was found in the file options.php 3301: file_put_contents(get_stylesheet_directory() . '/css/custom.css', $custom_c3302: file_put_contents(get_template_directory() . '/css/style-editor.css', $editfile_put_contents was found in the file options.php 3301: file_put_contents(get_stylesheet_directory() . '/css/custom.css', $custom_c3302: file_put_contents(get_template_directory() . '/css/style-editor.css', $editfile_get_contents was found in the file functions.php 451: $fontsList = json_decode(file_get_contents($font_file));
  7. Malware : Network operations curl_init was found in the file deploy.php 422: $ch = curl_init();curl_exec was found in the file deploy.php 430: $result = curl_exec($ch);
Warning
  1. core scripts deregistered : Core scripts deregistrationFound wp_deregister_script in woocommerce.php. Themes must not deregister core scripts. 9: wp_deregister_script('wc-country-select');
  2. special URIs : Presence of bad theme tagsTheme URI and Author URI should not be the same.
  3. theme tags : Presence of bad theme tagsThe tag responsive-layout has been deprecated, it must be removed from style.css header.The tag dark has been deprecated, it must be removed from style.css header.The tag light has been deprecated, it must be removed from style.css header.
  4. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments 'woocommerce' in file review.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'You must be <a href="%s">logged in</a> to post a comment.' in file comments.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'You must be <a href="%s">logged in</a> to post a comment.' in file comments.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Install Required Plugins' in file plugins.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Install Plugins' in file plugins.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Installing Plugin: %s' in file plugins.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Something went wrong with the plugin API.' in file plugins.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'This theme requires the following plugin: %1$s.', 'This theme requires the following plugins: %1$s.' in file plugins.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'This theme recommends the following plugin: %1$s.', 'This theme recommends the following plugins: %1$s.' in file plugins.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to install the %s plugin. Contact the administrator of this site for help on getting the plugin installed.', 'Sorry, but you do not have the correct permissions to install the %s plugins. Contact the administrator of this site for help on getting the plugins installed.' in file plugins.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following required plugin is currently inactive: %1$s.', 'The following required plugins are currently inactive: %1$s.' in file plugins.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following recommended plugin is currently inactive: %1$s.', 'The following recommended plugins are currently inactive: %1$s.' in file plugins.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to activate the %s plugin. Contact the administrator of this site for help on getting the plugin activated.', 'Sorry, but you do not have the correct permissions to activate the %s plugins. Contact the administrator of this site for help on getting the plugins activated.' in file plugins.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following plugin needs to be updated to its latest version to ensure maximum compatibility with this theme: %1$s.', 'The following plugins need to be updated to their latest version to ensure maximum compatibility with this theme: %1$s.' in file plugins.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to update the %s plugin. Contact the administrator of this site for help on getting the plugin updated.', 'Sorry, but you do not have the correct permissions to update the %s plugins. Contact the administrator of this site for help on getting the plugins updated.' in file plugins.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Begin installing plugin', 'Begin installing plugins' in file plugins.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Activate installed plugin', 'Activate installed plugins' in file plugins.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Return to Required Plugins Installer' in file plugins.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Plugin activated successfully.' in file plugins.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'All plugins installed and activated successfully. %s' in file plugins.php.Found a translation function that is missing a text-domain. Function __, with the arguments '<span class="fn">%s</span>' in file content.php.Found a translation function that is missing a text-domain. Function esc_attr_x, with the arguments 'Search', 'submit button' in file content.php.Found a translation function that is missing a text-domain. Function esc_attr_x, with the arguments 'Search', 'submit button' in file content.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'TTF <span class="count">(%s)</span>', 'TTFs <span class="count">(%s)</span>' in file functions.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'EOT <span class="count">(%s)</span>', 'EOTs <span class="count">(%s)</span>' in file functions.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'WOFF <span class="count">(%s)</span>', 'WOFFs <span class="count">(%s)</span>' in file functions.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'SVG <span class="count">(%s)</span>', 'SVGs <span class="count">(%s)</span>' in file functions.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are scalia, woocommerce, thegem, js_composer, tgmpa.
  5. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  6. I18N implementation : Proper use of ___all(Possible variable $theme_text_domain found in translation function in plugins.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in plugins.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in plugins.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in plugins.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in plugins.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in plugins.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in plugins.php. Translation function calls should not contain PHP variables.
  7. CSS files : Presence of text domainText Domain: is missing from your style.css header.
  8. Screenshot : Screenshot fileScreenshot size is 880x660px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  2. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  3. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  4. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  5. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  6. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  7. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  8. Optional files : Presence of archive template file archive.phpThis theme does not contain optional file archive.php.
  9. Optional files : Presence of search results template file search.phpThis theme does not contain optional file search.php.
  10. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  11. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  12. Use of includes : Use of include or requireThe theme appears to use include or require : deploy.php 708: $config = new Config(require(CONFIG_FILE),$argv[1]);719: $config = new Config(require(FRONT_CONFIG_FILE),'default');726: $config = new Config(require(CONFIG_FILE),'default');736: $config = new Config(require(CONFIG_FILE),$argv[0]); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : content.php 430: include(locate_template('content-news-carousel-item.php'));444: include(locate_template('content-blog-item.php')); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : megamenu.class.php 291: include_once( dirname(__FILE__) . '/edit-megamenu-walker.class.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes
37

WordPress 6.5.2 theme

0

WordPress 6.5.2 theme

0

WordPress 6.5.2 theme