[wp-hackers] Themes Being Unofficially Distributed with Security Vulnerabilities - Time for an Official Theme Repository?

Viper007Bond viper at viper007bond.com
Mon Nov 26 08:06:23 GMT 2007


Uh, http://themes.wordpress.net/ ? It's not on the .org domain, but from my
understanding, it's semi-official.

On 11/25/07, Ronald Heft <ron at cavemonkey50.com> wrote:
>
> It has come to my attention that sites are beginning to unofficially
> distribute WordPress themes with security vulnerabilities injected into
> them. As Derek Punsalan points out, many of these themes are making sites
> spam zombies and the re-distributors are purchasing adwords to bait more
> people.
> http://5thirtyone.com/archives/870
>
> While issues like this will become more common as WordPress continues to
> gain popularity, we can do some things to stop sites like this from
> some succeeding. One idea comes to mind of an official theme repository.
> We
> already have one for plugins (and it appears successful), why not themes?
>
> Sure, there are already semi-official theme directories, but there is no
> current central location to download themes. Having an official theme
> directory/repository would help ensure users they're downloading the
> themes
> directly from the author and not a hacker. Obviously this won't completely
> stop the issue, but in my mind it should make downloading themes a more
> safe
> experience.
>
> --
> Ronald Heft, Jr.
> Information Sciences and Technology
> Pennsylvania State University
>
> cavemonkey50.com
> 9rules Network
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>



-- 
Viper007Bond | http://www.viper007bond.com/


More information about the wp-hackers mailing list