0
Validation results

The7

The7

WordPress 6.7.1 theme
0
This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Security breaches : Use of base64_decode() Found base64_decode in file button.php. 105: $attributes['icon'] = wp_kses( rawurldecode( base64_decode( $attributes['icon'] ) ), array( 'i' => array( 'class' => arrFound base64_decode in file text-with-icon.php. 196: $icon_html = wp_kses( rawurldecode( base64_decode( $this->atts['icon'] ) ), array( 'i' => array( 'class' => arrFound base64_decode in file default-button.php. 83: $icon_html = wp_kses( rawurldecode( base64_decode( $this->atts['icon'] ) ), array( 'i' => array( 'class' => arrFound base64_decode in file contact-form.php. 79: 'terms_msg' => rawurldecode( base64_decode( $terms_msg ) ),Found base64_decode in file options-framework.php. 952: $import_options = @unserialize( @base64_decode( $input['import_export'] ) );
  2. Security breaches : Use of base64_encode() Found base64_encode in file the7-contact-form-bridge.php.
     'value' => base64_encode( rawurlencode( wp_kses_post( _x( 'By using this form you agre
    Found base64_encode in file class-the7-extend-image-widget.php.
     $image_content = base64_encode( $image_content );
    Found base64_encode in file class-the7-option-field-import-export-options.php.
     $val = base64_encode( serialize( $this->settings ) );
  3. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe src="https://www.facebook.com/plugins/like.php?href=' . esc_url( $url ) . '&amp;layout=' . esc_attr( $type ) . '&amp;show_faces=false&amp;action=like&amp;colorscheme=light" scrolling="no" frameborder="0" allowTransparency="true"> in file vc_facebook.php. Found <iframe src="' . esc_url( $src ) . '" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" width="500" height="' . $height . '"> in file map.php. 78: $output = '<div class='' . esc_attr( $classes ) . '' style='' . esc_attr( $style ) . ''><iframe src='' . esc_url( $src ) . '' frameborder='0' marginwidth='0' margiFound <iframe id="the7-customizer-preview" src="%s" frameborder="0"> in file options-framework.php. 566: '<iframe id='the7-customizer-preview' src='%s' frameborder='0'></iframe>',
  4. Malware : Operations on file system file_get_contents was found in the file class-the7-extend-image-widget.php 218: $image_content = file_get_contents( $image_path );file_get_contents was found in the file class-the7-demo-content-import-manager.php 641: $this->site_meta = json_decode( file_get_contents( $this->content_dir . 'site-meta.json' ), true );file_get_contents was found in the file the7_lessc.inc.php 124: $root = $parser->parse(file_get_contents($realPath));1874: $out = $this->compile(file_get_contents($fname), $fname);fwrite was found in the file the7_lessc.inc.php 714: // fwrite(STDERR,'failed to find block: '.implode(' > ', $path).'\n');file_get_contents was found in the file the7_lessc.inc.php 124: $root = $parser->parse(file_get_contents($realPath));1874: $out = $this->compile(file_get_contents($fname), $fname);file_put_contents was found in the file the7_lessc.inc.php 1879: return file_put_contents($outFname, $out);file_get_contents was found in the file parsers.php 73: $success = $dom->loadXML( file_get_contents( $file ) );305: if ( ! xml_parse( $xml, file_get_contents( $file ), true ) ) {file_get_contents was found in the file parsers.php 73: $success = $dom->loadXML( file_get_contents( $file ) );305: if ( ! xml_parse( $xml, file_get_contents( $file ), true ) ) {fopen was found in the file parsers.php 452: $fp = $this->fopen( $file, 'r' );679: function fopen( $filename, $mode = 'r' ) {682: return fopen( $filename, $mode );fclose was found in the file parsers.php 501: $this->fclose($fp);697: function fclose( $fp ) {700: return fclose( $fp );fopen was found in the file parsers.php 452: $fp = $this->fopen( $file, 'r' );679: function fopen( $filename, $mode = 'r' ) {682: return fopen( $filename, $mode );fopen was found in the file parsers.php 452: $fp = $this->fopen( $file, 'r' );679: function fopen( $filename, $mode = 'r' ) {682: return fopen( $filename, $mode );fclose was found in the file parsers.php 501: $this->fclose($fp);697: function fclose( $fp ) {700: return fclose( $fp );fclose was found in the file parsers.php 501: $this->fclose($fp);697: function fclose( $fp ) {700: return fclose( $fp );
  5. Admin menu : Themes should use add_theme_page() for adding admin pages. File class-the7-dev-admin-page.php : 12: add_action( 'admin_menu', array( __CLASS__, 'add_menu_page' ) );18: public static function add_menu_page() {21: $page_slug = add_menu_page(File class-the7-dev-admin-page.php : 12: add_action( 'admin_menu', array( __CLASS__, 'add_menu_page' ) );18: public static function add_menu_page() {21: $page_slug = add_menu_page(File class-the7-tgm-plugin-activation.php : 724: $this->page_hook = add_plugins_page( $args['page_title'], $args['menu_title'], $args['capabiliFile class-the7-admin-dashboard.php : 53: add_action( 'admin_menu', array( $this, 'add_menu_page' ) );69: public function add_menu_page() {73: $the7_page = add_menu_page( $dashboard['title'], __( 'The7', 'the7mk2' ), $dashboard['caFile class-the7-admin-dashboard.php : 53: add_action( 'admin_menu', array( $this, 'add_menu_page' ) );69: public function add_menu_page() {73: $the7_page = add_menu_page( $dashboard['title'], __( 'The7', 'the7mk2' ), $dashboard['caFile class-the7-admin-dashboard.php : 93: $hook_suffix = add_submenu_page( $page['dashboard_slug'], $page['title'], $page['title'], File class-the7-icon-manager.php : 39: $hook_suffix = add_submenu_page(File core-functions.php : 1235: function the7_add_submenu_page_after( $parent_slug, $page_title, $menu_title, $capability1236: $hook = add_submenu_page( $parent_slug, $page_title, $menu_title, $capability, $menFile options-framework.php : 333: $main_page_id = add_menu_page(File options-framework.php : 349: $sub_page_id = add_submenu_page(
  6. Hidden admin bar : Hidden admin Bar Themes should not hide admin bar. Detected in file : class-the7-options-preview.php.
Warning
  1. theme tags : Presence of bad theme tagsFound wrong tag multipurpose in style.css header.Found wrong tag responsive in style.css header.Found wrong tag retina ready in style.css header.Found wrong tag SEO ready in style.css header.Found wrong tag mobile friendly in style.css header.Found wrong tag iOS in style.css header.Found wrong tag material design in style.css header.Found wrong tag clean in style.css header.Found wrong tag minimal in style.css header.Found wrong tag business in style.css header.Found wrong tag corporate in style.css header.Found wrong tag creative in style.css header.Found wrong tag one page site in style.css header.Found wrong tag micro site in style.css header.
  2. Text domain : Incorrect use of translation functions.Wrong installation directory for the theme name. The directory name must match the slug of the theme. This theme's correct slug and text-domain is the7.
  3. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function _x, with the arguments 'Layout 1', 'dt-the7-core' in file the7-text-with-icon-bridge.php.Found a translation function that is missing a text-domain. Function _x, with the arguments 'Layout 2', 'dt-the7-core' in file the7-text-with-icon-bridge.php.Found a translation function that is missing a text-domain. Function _x, with the arguments 'Layout 3', 'dt-the7-core' in file the7-text-with-icon-bridge.php.Found a translation function that is missing a text-domain. Function _x, with the arguments 'Layout 4', 'dt-the7-core' in file the7-text-with-icon-bridge.php.Found a translation function that is missing a text-domain. Function _x, with the arguments 'Layout 5', 'dt-the7-core' in file the7-text-with-icon-bridge.php.Found a translation function that is missing a text-domain. Function __, with the arguments "Icon" in file the7-icon-bridge.php.Found a translation function that is missing a text-domain. Function __, with the arguments "Social Icon Item" in file the7-social-icon-bridge.php.Found a translation function that has an incorrect number of arguments. Function _x, with the arguments '', ' ', vc inline dummy, 'the7mk2' in file single-soc-icon.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'the7mk2' in file class-the7-elementor-kit-manager-control.php.Found a translation function that is missing a text-domain. Function esc_html__, with the arguments 'the7mk2' in file class-the7-demo-content-import-manager.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'the7mk2' in file posts-defaults.php.Found a translation function that has an incorrect number of arguments. Function esc_html_e, with the arguments 'Import the entire content', admin, 'the7mk2' in file demo.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'The7 BETA tester:' in file the7-status.php.Found a translation function that has an incorrect number of arguments. Function __, with the arguments 'Normal', theme-options, 'the7mk2' in file class-the7-option-field-web-fonts.php.Found a translation function that has an incorrect number of arguments. Function __, with the arguments 'Italic', theme-options, 'the7mk2' in file class-the7-option-field-web-fonts.php.Found a translation function that has an incorrect number of arguments. Function __, with the arguments 'Oblique', theme-options, 'the7mk2' in file class-the7-option-field-web-fonts.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Remove Image' in file Tax-meta-class.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Upload Image' in file Tax-meta-class.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are the7mk2, woocommerce, dt-the7-core, js_composer, vc inline dummy, elementor-pro, elementor, plugin-domain, wordpress-importer, tgmpa, admin, theme-options, categories, ,, tax-meta.
  4. Plugin territory : Plugin territory functionalitiesThe theme uses the register_taxonomy() function, which is plugin-territory functionality.The theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  5. Hidden admin bar : Hidden admin Bar in CSSThemes should not hide admin bar. Detected in file admin-bar.min.css.
  6. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  7. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  8. I18N implementation : Proper use of _e(Possible variable $str found in translation function in the7_lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $arg found in translation function in the7_lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $items found in translation function in the7_lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $string found in translation function in the7_lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $val found in translation function in the7_lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $newUnit found in translation function in the7_lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $res found in translation function in the7_lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $key found in translation function in the7_lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $part found in translation function in the7_lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in the7_lessc.inc.php. Translation function calls should not contain PHP variables.
  9. I18N implementation : Proper use of ___all(Possible variable $id found in translation function in class-the7-elementor-kit-manager-control.php. Translation function calls should not contain PHP variables. Possible variable $file_name found in translation function in class-the7-demo-content-import-manager.php. Translation function calls should not contain PHP variables. Possible variable $action found in translation function in posts-defaults.php. Translation function calls should not contain PHP variables.
  10. I18N implementation : Proper use of _x(Possible variable $title found in translation function in single-soc-icon.php. Translation function calls should not contain PHP variables. Possible variable $value found in translation function in options-sanitize.php. Translation function calls should not contain PHP variables.
  11. I18N implementation : Proper use of esc_html___all(Possible variable $file_name found in translation function in class-the7-demo-content-import-manager.php. Translation function calls should not contain PHP variables.
  12. Featured image : Use of the_post_thumbnail() instead of custom fields for thumbnailsNo reference to the_post_thumbnail was found in the theme.
Tip-off
  1. favicon presence : Favicon managementPossible Favicon found in deprecated-functions.php. Favicons are handled by the Site Icon setting in the customizer since version 4.3.Possible Favicon found in html-helpers.php. Favicons are handled by the Site Icon setting in the customizer since version 4.3.
  2. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file the7-text-with-icon-bridge.php.375: 'description' => 'f.e. <code>&lt;i class='fa fa-arrow-circle-right'&gt;&lt;/i&gt;</code> <a href='http://fontawesome.io/icons/' target='_blank'>http://fontawesome.io/icons/<Possible hard-coded links were found in the file the7-default-button-bridge.php.449: 'description' => 'f.e. <code>&lt;i class='fa fa-arrow-circle-right'&gt;&lt;/i&gt;</code> <a href='http://fontawesome.io/icons/' target='_blank'>http://fontawesome.io/icons/<Possible hard-coded links were found in the file the7-dashboard.php.55: <li><a href='http://guide.the7.io/start/' target='_blank' class='the7-dashboard-icons-ro55: <li><a href='http://guide.the7.io/start/' target='_blank' class='the7-dashboard-icons-ro56: <li><a href='http://guide.the7.io/' target='_blank' class='the7-dashboard-icons-graduati57: <li><a href='http://support.dream-theme.com' target='_blank' class='the7-dashboard-iconsPossible hard-coded links were found in the file status.php.54: <a href='http://support.dream-theme.com/knowledgebase/allowed-memory-size-error/' taPossible hard-coded links were found in the file options-contact-form.php.163: 'desc' => sprintf( _x( 'Enter valid API keys below to enable Google ReCaptcha v2 (checkbox) on all The7 contact forms (widgets and shortcodes). %s.', 'theme-options', 'the7mk2' ), '<a href='https://developers.google.com/recaptcha/intro' target='_blank'>' . _x( 'DocPossible hard-coded links were found in the file options-framework.php.1038: $error = _x( 'Theme options cannot be saved. Not enough memory available. Please try to increase <a href='http://support.dream-theme.com/knowledgebase/allowed-memory-size-error/' tiPossible hard-coded links were found in the file bottom-bar.php.42: echo '&nbsp;Dream-Theme &mdash; truly <a href='http://dream-theme.com' target='_blank'>premium WordPress themes</a>';
  3. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  4. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  5. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  6. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  7. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  8. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  9. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  10. Use of includes : Use of include or requireThe theme appears to use include or require : vc-extensions.php 840: include( $path . $font_data['include'] . '/' . $font_data['config'] ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : custom-menu-1.php 13: require_once 'widgets-custom-menu.class.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : custom-menu-2.php 13: require_once 'widgets-custom-menu.class.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : blog-categories.php 13: require_once 'widgets-posts-categories.class.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : class-the7-woocommerce-compatibility.php 18: 19: 22: 23: 24: 25: 51: If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : class-the7-elementor-widgets.php 197: require_once( __DIR__ . '/widgets/' . $widget_filename . '.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : mod-the7-compatibility.php 50: If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : class-the7-install.php 235: include( __DIR__ . '/views/html-notice-update.php' );239: include( __DIR__ . '/views/html-notice-updating.php' );243: include( __DIR__ . '/views/html-notice-updated.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : class-the7-background-updater.php 13: include_once( dirname( __FILE__ ) . '/libraries/wp-async-request.php' );17: include_once( dirname( __FILE__ ) . '/libraries/wp-background-process.php' If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : the7-update-utility-functions.php 153: include( PRESSCORE_SHORTCODES_INCLUDES_DIR . '/class-the7-shortcode-id-crut157: include( PRESSCORE_DIR . '/vendor/lessphp/the7_lessc.inc.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : the7-update-functions.php 174: include( PRESSCORE_SHORTCODES_INCLUDES_DIR . '/class-the7-shortcode-id-crut If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : theme-update.php 284: include( dirname( __FILE__ ) . '/views/html-notice-registration.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : load-meta-boxes.php 10: require 'meta-boxes/taxonomy-meta-box.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : meta-box.php 15: require_once( PRESSCORE_EXTENSIONS_DIR . '/custom-meta-boxes/override-field21: require_once( THE7_RWMB_DIR . 'meta-box.php' );27: require_once( PRESSCORE_EXTENSIONS_DIR . '/custom-meta-boxes/metabox-fields28: require_once( PRESSCORE_EXTENSIONS_DIR . '/custom-meta-boxes/class-the7-rwm If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes