WordPress Theme Security Vulnerabilities

  • I feel it is my duty to highlight some security vulnerabilities related to WordPress themes, and ask how the problems can be resolved.
    When you upload a WordPress theme to your webserver you are uploading not just a benign template, but a PHP program which can contain code that performs pretty much anything.
    I have given some examples of problems including blackhat code on my blog.

    I hope that someone has thought these problems through and can provide an answer for the WP community?

Viewing 4 replies - 1 through 4 (of 4 total)

  • So instead of actually listing the issues you’ve come across, you’re just driving up traffic to your site and having folks view your adverts.

    Nice.

    themey, are you a blackhat?

    Yes, themey seems to specialise in being so busy trying to drive traffic to her website that she has no time to fix her site errors that I reported over two weeks ago.

    Thread Starter themey

    (@themey)

    drmike: I can’t show images here can I? If you would like to reproduce the story on the forum you are welcome to.
    charlie97: nope, I’m not a blackhat. If I was I would have used this information rather than sharing it.
    pizdin_dim: Thanks for the information about the errors. I actually can’t reproduce them, maybe you could detail which browser you are using. Sorry I didn’t see your reply the first time ??

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘WordPress Theme Security Vulnerabilities’ is closed to new replies.