Title: This theme is really fine Last modified: September 3, 2016 --- # This theme is really fine * [Arash](https://wordpress.org/support/users/arashvahdati/) * (@arashvahdati) * [11 years, 7 months ago](https://wordpress.org/support/topic/this-theme-has-a-malware-inside/) Viewing 3 replies - 1 through 3 (of 3 total) * [dylan](https://wordpress.org/support/users/dylan/) * (@dylan) * [11 years, 5 months ago](https://wordpress.org/support/topic/this-theme-has-a-malware-inside/#post-7889023) * It is entirely possible that the malware came into the theme’s files after it was installed or from another source than the original files. Have you checked a fresh download for the same malware code? * [YoArts](https://wordpress.org/support/users/yoarts/) * (@yoarts) * [11 years, 3 months ago](https://wordpress.org/support/topic/this-theme-has-a-malware-inside/#post-7889028) * Can you give me more information for further checking. Where you are downloaded this theme? * [Rick Beckman](https://wordpress.org/support/users/brazenlygeek/) * (@brazenlygeek) * [11 years, 2 months ago](https://wordpress.org/support/topic/this-theme-has-a-malware-inside/#post-7889030) * Flat’s publicly hosted on GitHub — its code is there for anyone to see. I can assure you, it contains no malware. Over the past few weeks, a few potential XSS issues have been resolved by adding in more of WordPress’ sanitization functions where needed, but as for directly containing malware? No. * Generally, if your site is hacked — commonly by an automated script — the malicious code that they add will be added to your theme files, regardless of what the theme actually is. A former client of mine had her site attacked and her theme, based on the über popular Genesis framework, received all sorts of nasty code, resulting in a Chrome browser malware warning on her site. * If your site is hacked and has malware, you need to change all of your passwords to something insane (mixing symbols in is less important than the length of your password; the more bits your password has, the longer it’ll take to crack) — FTP and/or shell account, web host, WordPress admin panel, etc. etc. Anything connected with your site. * Your webhost’s server logs should allow you to search for weird query strings or other suspicious behavior, and your webhost may work with you to find the source of the problem. * If, ultimately, the problem was with Flat — an insecure function call, a variable not properly sanitized, etc. — please let us know, and we will harden that part of the theme further. * Thanks. Viewing 3 replies - 1 through 3 (of 3 total) The topic ‘This theme is really fine’ is closed to new replies. * ![](https://i0.wp.com/themes.svn.wordpress.org/flat/1.7.11/screenshot.png) * Flat * [Support Threads](https://wordpress.org/support/theme/flat/) * [Active Topics](https://wordpress.org/support/theme/flat/active/) * [Unresolved Topics](https://wordpress.org/support/theme/flat/unresolved/) * [Reviews](https://wordpress.org/support/theme/flat/reviews/) * 3 replies * 4 participants * Last reply from: [Rick Beckman](https://wordpress.org/support/users/brazenlygeek/) * Last activity: [11 years, 2 months ago](https://wordpress.org/support/topic/this-theme-has-a-malware-inside/#post-7889030)