9
Validation results

TheGem (WPBakery)

TheGem (WPBakery)

WordPress 5.6.2 theme
9
  • THEME TYPEWordPress theme 5.6.2
  • FILE NAMETheGem-WPBakery.zip
  • FILE SIZE4552840 bytes
  • MD5c61dcd3f801e605a0ac2c2cd408bc42f
  • SHA1e75c4d11bcf05b85ab4eba0df374129c8881e2dc
  • LICENSEGNU GPL 2
  • FILES INCLUDEDCSS, PHP, HTML, XML, Bitmap images, Adobe Illustrator
  • THEME URIhttp://codex-themes.com/thegem/
  • VERSION4.5.8.1
  • TAGSone-column, two-columns, left-sidebar, right-sidebar, custom-background, custom-colors, custom-header, custom-menu, featured-images, flexible-header, full-width-template, theme-options, translation-ready
  • CREATION DATE2021-02-11
  • LAST FILE UPDATE2021-02-11
  • LAST VALIDATION2021-02-11 01:30
  • OTHER VERSIONS

    4.1.2 : 30%

    4.0.1 : 31%

    3.8.3.1 : 31%

This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Security breaches : Use of base64_decode() Found base64_decode in file vc_row.php. 245: $output .= PHP_EOL.'<style>'.PHP_EOL.thegem_addPrefixToCssSelectors('#'.esc_attr( $el_id ), rawurldecode(base64_decode(wp_strip_all_tags($custom_css_code)))).PHP_EOL.'</style>'.PHP
  2. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe src="https://www.google.com/maps/d/embed?mid=zy8g7PkInS5s.k1_kczfkJRjs" width="100%" height="480"> in file vc_gmaps.php. 6: 'link' => '<iframe src='https://www.google.com/maps/d/embed?mid=zy8g7PkInS5s.k1_kczfkJFound <iframe src="'.esc_url($link).'" frameborder="0"> in file content.php. 636: $video_block = '<iframe src=''.esc_url($link).'' frameborder='0'></iframe>';
  3. Malware : Operations on file system file_get_contents was found in the file functions.php 713: $font_json_file = file_get_contents(get_template_directory() . '/fonts/webfonts.json');
  4. Admin menu : Themes should use add_theme_page() for adding admin pages. File class-tgm-plugin-activation.php : 724: $this->page_hook = add_submenu_page( $args['parent_slug'], $args['page_title'], $args['menu_tiFile options.php : 5929: $page = add_submenu_page('thegem-theme-options',esc_html__('TheGem Theme Options','File image-generator.php : 187: add_submenu_page(null, esc_html__('TheGem thumbnails','thegem'), esc_html__File functions.php : 136: $page = add_menu_page(esc_html__('TheGem','thegem'), esc_html__('TheGem','thegem'),File functions.php : 1939: $page = add_submenu_page('thegem-theme-options', esc_html__('Self-Hosted Fonts','th2198: $page = add_submenu_page(NULL, esc_html__('Add new social network','thegem'), '', 'File functions.php : 1939: $page = add_submenu_page('thegem-theme-options', esc_html__('Self-Hosted Fonts','th2198: $page = add_submenu_page(NULL, esc_html__('Add new social network','thegem'), '', '
Warning
  1. Text domain : Incorrect use of translation functions.Wrong installation directory for the theme name. The directory name must match the slug of the theme. This theme's correct slug and text-domain is thegem-wpbakery.
  2. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments 'Save my name, email, and website in this browser for the next time I comment.' in file single-product-reviews.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Save my name, email, and website in this browser for the next time I comment.' in file comments.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are thegem, woocommerce, yith-woocommerce-wishlist, tgmpa, default, contact-form-7.
  3. PHP short tags : Presence of PHP short tagsPHP short tags were found in file plugins.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.421: <img src='<?= get_template_directory_uri() . '/images/elementor-logo.svg' ?>' width='425: <p><b><?= __('TheGem for Elementor released!', 'thegem')?></b></p>426: <p><?= __('100% compatibility with Elementor and Elementor Pro. With all 400+ 427: <p><a href='//democontent.codex-themes.com/plugins/thegem/theme/elementor_update.html' class='thegem-elementor-notice-link'><b><?= __('Learn more...', 'thegem') ?></b></a> | <a href='#' class='thegem-no445: let name = '<?= esc_attr('thegem_elementor_available_notice'); ?>';446: let value = encodeURIComponent('<?= esc_attr('1.0.0'); ?>') + ('; expires=' + dt.toUTCString());PHP short tags were found in file lazy-items.class.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.56: visibilityOffset: <?=floatval($this->visibilityOffset)?>,PHP short tags were found in file init.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.181: <div class='page-title-background-ken-burns-options-box' style='display: <?= $page_data['title_background_effect']=='ken_burns' ? 'block' : 'none' ?
  4. Line endings consistency : Both DOS and UNIX style line endingsFound a mix of \r\n and \n line endings in file style-editor.css.Found a mix of \r\n and \n line endings in file thegem-itemsAnimations.css.Found a mix of \r\n and \n line endings in file thegem-itemsAnimations.js.
  5. Hidden admin bar : Hidden admin Bar in CSSThemes should not hide admin bar. Detected in file style.css.
  6. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  7. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  8. I18N implementation : Proper use of _x(Possible variable $v found in translation function in functions.php. Translation function calls should not contain PHP variables.
  9. CSS files : Presence of Author URICould not find Author URI.
  10. Date and time implementation : Use of the_date()At least one hard coded date was found in the file content.php. Function get_option( 'date_format' ) should be used instead.
  11. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  2. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  3. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  4. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  5. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  6. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  7. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  8. Optional files : Presence of archive template file archive.phpThis theme does not contain optional file archive.php.
  9. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  10. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  11. Use of includes : Use of include or requireThe theme appears to use include or require : content.php 545: include(locate_template('content-news-carousel-item.php'));555: include(locate_template('gem-templates/blog/content-blog-item-slider.php'))574: include(locate_template(array('gem-templates/blog/content-blog-item-masonry576: include(locate_template(array('gem-templates/blog/content-blog-item-justifi578: include(locate_template(array('gem-templates/blog/content-blog-item-'.$blog If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : megamenu.class.php 321: include_once( get_template_directory() . '/inc/megamenu//edit-megamenu-walk If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : search.php 77: include(locate_template(array('gem-templates/blog/content-blog-item-masonry If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes