[OFFER ALERT!] This Halloween, Get Any Premium Theme for Just $19 [GET IT NOW]
Jump to content

btgrl54

Member
 View Profile  See their activity

  • Posts

    2

  • Joined

  • Last visited

 Content Type 

Posts posted by btgrl54

  1. [Schema] Critical Issue When Checking in themecheck.org

    in Pre Sales Questions

    Posted

    Hi, you told that

    21 minutes ago, MistaPrime said:

    When you check themes through the "themecheck.org" you are looking at random errors that the theme checker is not able to determine where they come from, so anything that it doesn't know about is classified as a "security issue".

     
    Checker perfectly know where they come from. Check the list below. Also "themecheck.org" is good way to check WP theme. Can you assure me that listed below issues are not present in your theme?  
    Critical alerts
    line_content-home.png
    1. Security breaches : Modification of PHP server settings Found ini_set in file wordpress-importer.php. 
      Line 108: ini_set('max_execution_time', -1);
      Line 134: ini_set('max_execution_time', $max_execution_time);
      Found ini_set in file wordpress-importer.php. 
      Line 108: ini_set('max_execution_time', -1);
      Line 134: ini_set('max_execution_time', $max_execution_time);
    2. Security breaches : Use of base64_decode() Found base64_decode in file twitteroauth.php. 
      Line 141: $decoded_sig = base64_decode($signature); // base64_encode() required by Twitter!
    3. Security breaches : Use of base64_encode() Found base64_encode in file twitteroauth.php. 
       return base64_encode(hash_hmac('sha1', $base_string, $key, true)); // base64_encod
       return base64_encode($signature); // base64_encode() required by Twitter!
       $decoded_sig = base64_decode($signature); // base64_encode() required by Twitter!
    4. Malware : Operations on file system file_get_contents was found in the file parsers.php 
      Line 68: $contents = file_get_contents( $file );
      Line 275: if ( ! xml_parse( $xml, file_get_contents( $file ), true ) ) {
      file_get_contents was found in the file parsers.php 
      Line 68: $contents = file_get_contents( $file );
      Line 275: if ( ! xml_parse( $xml, file_get_contents( $file ), true ) ) {
      fopen was found in the file parsers.php 
      Line 421: $fp = $this->fopen( $file, 'r' );
      Line 647: function fopen( $filename, $mode = 'r' ) {
      Line 650: return fopen( $filename, $mode );
      fclose was found in the file parsers.php 
      Line 470: $this->fclose($fp);
      Line 665: function fclose( $fp ) {
      Line 668: return fclose( $fp );
      fopen was found in the file parsers.php 
      Line 421: $fp = $this->fopen( $file, 'r' );
      Line 647: function fopen( $filename, $mode = 'r' ) {
      Line 650: return fopen( $filename, $mode );
      fopen was found in the file parsers.php 
      Line 421: $fp = $this->fopen( $file, 'r' );
      Line 647: function fopen( $filename, $mode = 'r' ) {
      Line 650: return fopen( $filename, $mode );
      fclose was found in the file parsers.php 
      Line 470: $this->fclose($fp);
      Line 665: function fclose( $fp ) {
      Line 668: return fclose( $fp );
      fclose was found in the file parsers.php 
      Line 470: $this->fclose($fp);
      Line 665: function fclose( $fp ) {
      Line 668: return fclose( $fp );
      file_get_contents was found in the file radium-importer.php 
      Line 293: $data = file_get_contents( $file );
      Line 384: $data = file_get_contents( $file );
      file_get_contents was found in the file radium-importer.php 
      Line 293: $data = file_get_contents( $file );
      Line 384: $data = file_get_contents( $file );
      file_get_contents was found in the file parsers.php 
      Line 68: $contents = file_get_contents( $file );
      Line 275: if ( ! xml_parse( $xml, file_get_contents( $file ), true ) ) {
      file_get_contents was found in the file parsers.php 
      Line 68: $contents = file_get_contents( $file );
      Line 275: if ( ! xml_parse( $xml, file_get_contents( $file ), true ) ) {
      fopen was found in the file parsers.php 
      Line 421: $fp = $this->fopen( $file, 'r' );
      Line 647: function fopen( $filename, $mode = 'r' ) {
      Line 650: return fopen( $filename, $mode );
      fclose was found in the file parsers.php 
      Line 470: $this->fclose($fp);
      Line 665: function fclose( $fp ) {
      Line 668: return fclose( $fp );
      fopen was found in the file parsers.php 
      Line 421: $fp = $this->fopen( $file, 'r' );
      Line 647: function fopen( $filename, $mode = 'r' ) {
      Line 650: return fopen( $filename, $mode );
      fopen was found in the file parsers.php 
      Line 421: $fp = $this->fopen( $file, 'r' );
      Line 647: function fopen( $filename, $mode = 'r' ) {
      Line 650: return fopen( $filename, $mode );
      fclose was found in the file parsers.php 
      Line 470: $this->fclose($fp);
      Line 665: function fclose( $fp ) {
      Line 668: return fclose( $fp );
      fclose was found in the file parsers.php 
      Line 470: $this->fclose($fp);
      Line 665: function fclose( $fp ) {
      Line 668: return fclose( $fp );
      file_get_contents was found in the file radium-importer.php 
      Line 292: $data = file_get_contents( $file );
      Line 369: $data = file_get_contents( $file );
      file_get_contents was found in the file radium-importer.php 
      Line 292: $data = file_get_contents( $file );
      Line 369: $data = file_get_contents( $file );
      file_get_contents was found in the file plugin-activation.php 
      Line 2416: $plugin = @json_decode( @file_get_contents( 'https://api.wordpress.org/plugins/info/1.0/' . $item['s
      file_get_contents was found in the file twitteroauth.php 
      Line 201: //file_get_contents(self::$POST_INPUT)
    5. Malware : Network operations curl_init was found in the file twitteroauth.php 
      Line 1008: $ci = curl_init();
      curl_exec was found in the file twitteroauth.php 
      Line 1034: $response = curl_exec($ci);
    6. Admin menu : Themes should use add_theme_page() for adding admin pages. File theme-options.php : 
      Line 112: //the list of available parent menus is available here: http://codex.wordpress.org/Function_Reference/add_submenu_page#Parameters
      File plugin-activation.php : 
      Line 646: $this->page_hook = call_user_func( 'add_{$type}_page', $args['parent_slug'], $args['page_title'], $args['menu_t
      File plugin-activation.php : 
      Line 3922: add_menu_page(
×
×
  • Create New...