I feel it is my duty to highlight some security vulnerabilities related to WordPress themes, and ask how the problems can be resolved.
When you upload a WordPress theme to your webserver you are uploading not just a benign template, but a PHP program which can contain code that performs pretty much anything.
I have given some examples of problems including blackhat code on my blog.
I hope that someone has thought these problems through and can provide an answer for the WP community?
- The topic ‘WordPress Theme Security Vulnerabilities’ is closed to new replies.