0
Validation results

Uncode

Uncode

WordPress 5.3 theme
0
This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Title : Title The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.
  2. Security breaches : Use of base64_decode() Found base64_decode in file vc_gallery.php. 185: $items = json_decode( base64_decode( strip_tags( $items ) ), true);Found base64_decode in file uncode_index.php. 339: $items = json_decode( base64_decode( strip_tags( $items ) ), true);340: $matrix_items = json_decode( base64_decode( strip_tags( $matrix_items ) ), true);Found base64_decode in file radium-importer.php. 884: $options = unserialize( base64_decode( $data ) );
  3. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe width="100%" scrolling="no" frameborder="no" src="' . $iframe_url . '&color='.$accent_color.'&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false"> in file helpers.php. 626: $media_oembed = '<iframe width='100%' scrolling='no' frameborder='no' src='' . $iframe_url .Found <iframe width="100%" scrolling="no" frameborder="no" src="' . $iframe_url . '&color='.$accent_color.'&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false"> in file elements.php. 141: $content_html = '<iframe width='100%' scrolling='no' frameborder='no' src='' . $iframe_url .
  4. Malware : Operations on file system fopen was found in the file create-child-theme.php 48: $functions_file = fopen($child_theme_dir_path . '/functions.php', 'w') or wp_die('Couldn't cr52: $script_file = fopen($child_theme_dir_path . '/style.css', 'w') or wp_die('Couldn't createfwrite was found in the file create-child-theme.php 50: fwrite($functions_file, $functions_file_content);54: fwrite($script_file, $script_file_content);fopen was found in the file create-child-theme.php 48: $functions_file = fopen($child_theme_dir_path . '/functions.php', 'w') or wp_die('Couldn't cr52: $script_file = fopen($child_theme_dir_path . '/style.css', 'w') or wp_die('Couldn't createfwrite was found in the file create-child-theme.php 50: fwrite($functions_file, $functions_file_content);54: fwrite($script_file, $script_file_content);fopen was found in the file parsers.php 419: $fp = $this->fopen( $file, 'r' );637: function fopen( $filename, $mode = 'r' ) {640: return fopen( $filename, $mode );fclose was found in the file parsers.php 468: $this->fclose($fp);655: function fclose( $fp ) {658: return fclose( $fp );fopen was found in the file parsers.php 419: $fp = $this->fopen( $file, 'r' );637: function fopen( $filename, $mode = 'r' ) {640: return fopen( $filename, $mode );fopen was found in the file parsers.php 419: $fp = $this->fopen( $file, 'r' );637: function fopen( $filename, $mode = 'r' ) {640: return fopen( $filename, $mode );fclose was found in the file parsers.php 468: $this->fclose($fp);655: function fclose( $fp ) {658: return fclose( $fp );fclose was found in the file parsers.php 468: $this->fclose($fp);655: function fclose( $fp ) {658: return fclose( $fp );
  5. Admin menu : Themes should use add_theme_page() for adding admin pages. File class-tgm-plugin-activation.php : 729: $this->page_hook = add_submenu_page( $args['parent_slug'], $args['page_title'], $args['menu_tiFile media-enhanced.php : 4: add_submenu_page( 'upload.php', esc_html__('Add oEmbed, external IMG, SVG cFile admin.php : 18: add_menu_page( 'UNCODE', UNCODE_NAME, 'administrator', 'uncode-system-statuFile admin.php : 19: add_submenu_page( 'uncode-system-status', 'UNCODE', esc_html__('System Stat1150: add_submenu_page( 'tools.php', 'Export', 'Export', 'manage_options', 'uncod1837: add_submenu_page( 'uncode-system-status', 'UNCODE', esc_html__( 'Related PoFile admin.php : 19: add_submenu_page( 'uncode-system-status', 'UNCODE', esc_html__('System Stat1150: add_submenu_page( 'tools.php', 'Export', 'Export', 'manage_options', 'uncod1837: add_submenu_page( 'uncode-system-status', 'UNCODE', esc_html__( 'Related PoFile admin.php : 19: add_submenu_page( 'uncode-system-status', 'UNCODE', esc_html__('System Stat1150: add_submenu_page( 'tools.php', 'Export', 'Export', 'manage_options', 'uncod1837: add_submenu_page( 'uncode-system-status', 'UNCODE', esc_html__( 'Related PoFile support.php : 30: add_submenu_page( 'uncode-system-status', esc_html__( 'Support', 'uncode' )File ot-settings-api.php : 99: $theme_check_bs = 'add_menu_page';File ot-settings-api.php : 100: $theme_check_bs2 = 'add_submenu_page';File ot-cleanup-api.php : 82: $theme_check_bs = 'add_menu_page';File font-system.php : 58: $this->fonts_page_name = add_submenu_page('uncode-system-status', 'Font Stacks', 'Font Stacks', 'ediFile radium-importer.php : 88: add_submenu_page('uncode-system-status', esc_html__('Import Demo','uncode')
  6. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was revslider.zip vc_clipboard.zip uncode-core.zip uncode-js_composer.zip vcparticlesbackground.zip uncode-daves-wordpress-live-search.zip layersliderwp.zip.
Warning
  1. theme tags : Presence of bad theme tagsFound wrong tag in style.css header.
  2. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function esc_html__, with the arguments 'To use Uncode and register your product, please make sure you are running at least PHP 5.6 or greater. WordPress officially recommends PHP 7.2 or greater. Please ask your host to update your PHP version. %s' in file welcome.php.Found a translation function that is missing a text-domain. Function __, with the arguments in file footer.php.Found a translation function that is missing a text-domain. Function __, with the arguments in file elements.php.Found a translation function that is missing a text-domain. Function __, with the arguments in file headers.php.Found a translation function that is missing a text-domain. Function __, with the arguments in file headers.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are uncode, woocommerce, tgmpa, option-tree, related-posts-for-wp, wordpress-importer.
  3. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  4. Editor style : Presence of editor styleNo reference to add_editor_style() was found in the theme. It is recommended that the theme implements editor styling, so as to make the editor content match the resulting post output in the theme, for a better user experience.
  5. I18N implementation : Proper use of ___all(Possible variable $footer_content found in translation function in footer.php. Translation function calls should not contain PHP variables. Possible variable $block_text found in translation function in elements.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in headers.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in headers.php. Translation function calls should not contain PHP variables.
  6. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file media-enhanced.php.297: <h2><?php esc_html_e('Add oEmbed, external IMG, SVG code, HTML or Shortcode','uncode'); ?> <a href='upload.php?page=add-other' class='add-new-h2'><?php esc_html_e('Add New','u375: <input name='save' type='submit' class='button button-primary button-large' id='publish' data-url='<?php echo get_site_url().'/wp-admin/upload.php?page=add-other'; ?>' value='<?php esc_html_e('Save','uncode'); ?379: <input name='save' type='submit' class='button button-primary button-large' id='publish' data-url='<?php echo get_site_url().'/wp-admin/upload.php?page=add-other&postid='.$_REQUEST['postid'].'&updated=1'; ?>' va
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  6. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  7. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  8. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  9. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  10. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  11. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  12. Use of includes : Use of include or requireThe theme appears to use include or require : Data.php 67: require_once (ABSPATH . '/wp-admin/includes/file.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : admin.php 7: require_once 'admin-pages/uncode-panel-functions.php';9: require_once 'admin-pages/support.php';13: require_once 'admin-pages/welcome.php';762: require_once ('edit_custom_walker.php');1015: require_once (ABSPATH . '/wp-admin/includes/file.php');1171: require_once( UNCODE_EXPORT_TEMPLATE );1173: require_once( 'export/uncode_export_template.php' );1277: require_once(ABSPATH . 'wp-admin/includes/file.php');1342: require_once( ABSPATH . 'wp-admin/includes/image.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : loader.php 11: require_once 'class-api-license.php';12: require_once 'class-envato-api.php';13: require_once 'class-theme-registration.php';14: require_once 'class-theme-updater.php';15: require_once 'api-functions.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : customizer-woocommerce.php 237: include_once( get_template_directory() . '/woocommerce/widgets/widget-price If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : welcome.php 229: require_once (ABSPATH . '/wp-admin/includes/file.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : uncode-ajax.php 11: require_once( $wp_root_path . '/wp-load.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : ot-loader.php 553: include_once( $file ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : font-system.php 672: require_once (ABSPATH . '/wp-admin/includes/file.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : init.php 14: require_once( dirname( __FILE__ ) . '/importer/radium-importer.php' ); //lo If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : parsers.php 62: require_once (ABSPATH . '/wp-admin/includes/file.php');268: require_once (ABSPATH . '/wp-admin/includes/file.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : radium-importer.php 142: require_once (ABSPATH . '/wp-admin/includes/file.php');771: require_once($class_wp_importer);786: require_once($class_wp_import);800: require_once (ABSPATH . '/wp-admin/includes/file.php');865: require_once (ABSPATH . '/wp-admin/includes/file.php');968: require_once (ABSPATH . '/wp-admin/includes/file.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : wordpress-importer.php 168: require_once (ABSPATH . '/wp-admin/includes/file.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes