How to enable allow_url_fopen

Maybe you can edit that plugin code so it recognizes or bypass that check altogether

Use of a nulled theme – the wp-vcd malware (or some other form like a trojan) in many cases comes pre-installed with every downloaded theme from nulled theme websites.