I downloaded and installed two themes from WordPress Themesbase. I installed and activated WP Multiflex 5 1.0 and found that in the footer there was a link to a generic drug company. The footer is coded in base64. I decoded the footer and found:
[spam-filled footer censored by moderator]
You can see the HREF. It appears in the post as a url in blue.
I looked at the other theme from Themesbase and saw the same footer — encoded — and just deleted same.
It’s unfortunately a common practice amongst theme distribution sites. As the themes they distribute are licensed under the GPL, they’re free to apply whatever modifications they want to.
All of the themes offered in the official theme directory are free of advertisements and sponsored links.
Apologies to Leland and Theme Labs. The base64 coded spam in footers mentioned in my first post above are in wordpress themes from WordPress Themesbase (http://wordpressthemesbase.com/) and not from Theme Labs.
I’ve just checked.
Sorry for the confusion.
The base64 coded spam in footers . . . are in wordpress themes from WordPress Themesbase . . . and not from Theme Labs.
Hey everyone, Theme Lab is actually my site. I just wanted to clarify that there never has and never will be any themes hosted on my site with obfuscated code to hide ad links or other malicious things. Thanks to the moderators and original poster for helping clarify that this theme wasn’t actually downloaded from my site.
Unfortunately I really can’t control if someone takes a theme from my site, puts it on their own site and embeds their own obfuscated ad code in it, which is what happened in this case.
I’d recommend downloading free themes only from the WordPress.org theme directory and other trusted sources. If you search “wordpress themes” in Google and find a theme that way, chances are it will have encrypted code hiding several sponsored links that probably weren’t there in the original theme.
Just to be on the safe side, you should probably run all themes you get from other sites through a plugin called Theme Authenticity Checker which automatically checks for encrypted code and displays any outgoing links.
I’ve written about the issue in this post: Stop Downloading WordPress Themes from Shady Sites.
Also to the original poster, feel free to download a fresh copy of the WP Multiflex 5 theme if you don’t feel like messing with encrypted code.
- The topic ‘Embedded Spam in Theme from Themesbase’ is closed to new replies.
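The check discussed in this thread (finding base64-encoded code in a theme and listing the outgoing links it hides) can be sketched as follows. This is an added example, not part of the original posts and not the code of the Theme Authenticity Checker plugin; the sample footer, the `sponsor.example` link and the function names are constructed for illustration.

```python
import base64
import binascii
import re
from pathlib import Path

# A string literal passed straight to base64_decode(); PHP function names are case-insensitive.
B64_CALL = re.compile(r"""base64_decode\s*\(\s*(['"])([A-Za-z0-9+/=\s]+)\1\s*\)""", re.I)
HREF = re.compile(r"""href\s*=\s*(['"])(.*?)\1""", re.I)

def scan_php(source):
    """Decode (never execute) each base64_decode('literal') and list its link targets."""
    findings = []
    for m in B64_CALL.finditer(source):
        line = source.count("\n", 0, m.start()) + 1
        try:
            text = base64.b64decode(m.group(2)).decode("utf-8", errors="replace")
        except (binascii.Error, ValueError):
            text = None  # malformed literal: still report the call site
        links = [h.group(2) for h in HREF.finditer(text or "")]
        findings.append({"line": line, "decoded": text, "links": links})
    return findings

def scan_theme(theme_dir):
    """Scan every .php file under theme_dir; map relative path -> findings."""
    report = {}
    for path in sorted(Path(theme_dir).rglob("*.php")):
        hits = scan_php(path.read_text(encoding="utf-8", errors="replace"))
        if hits:
            report[str(path.relative_to(theme_dir))] = hits
    return report

# Constructed sample footer.php (not the censored footer from the thread).
SPAM_LINK = '<a href="http://sponsor.example/pills">cheap pills</a>'
PAYLOAD = base64.b64encode(("echo '" + SPAM_LINK + "';").encode()).decode()
SAMPLE_FOOTER = (
    '<div id="footer">\n'
    "<?php wp_footer(); ?>\n"
    "<?php eval(base64_decode('" + PAYLOAD + "')); ?>\n"
    "</div>\n"
)

if __name__ == "__main__":
    for hit in scan_php(SAMPLE_FOOTER):
        print("line", hit["line"], "links:", hit["links"])
        print(hit["decoded"])
```

This only catches a literal passed directly to `base64_decode()`; a payload built from variables or wrapped in further encoding layers needs manual review of the file.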