• Skip to primary navigation
  • Skip to main content
  • Skip to footer
WPSecurityLock – Malware removal & WordPress security services

WPSecurityLock – Malware removal & WordPress security services

WordPress security, malware removal, repair, backups, ongoing maintenance, installation, site migration & support services – WP Security Lock.

  • Facebook
  • LinkedIn
  • Twitter
  • Home
  • About
    • About Us
    • Speaker Information
    • Contact Us by Phone, Email or Live Chat
    • Testimonials
  • Security Services
    • Malware / Virus Removal
    • WordPress Security and Installation Services
    • Monthly Security Packages
    • SSL Conversion Service (HTTP to HTTPS)
  • Blog
  • Resources
  • Contact
  • SafeWP

WordPress Security Theme Report: Vulnerabilities and Fixes 06-19-2012

June 19, 2012 By Regina Smola Leave a Comment

WordPress Security Theme Report - VulnerabiltiesWordPress Security Report of Theme Vulnerabilities and Security Fixes

On June 19, 2012, I checked security on the following themes reported with security vulnerabilities.

Important! When a theme is cracked into, unfortunately the bad guys boast about it online which can cause hack attacks on those using it. I check for new threats daily and have made it my mission to help you keep your WordPress site safe.

This information is not to put you into panic mode. I do this research and share it with you to make you aware of any security issues so you can protect your website(s).

Also note that all themes listed at WordPress.org must meet strict guidelines before they are listed at their repository.

Themes are required to implement Theme settings properly, to ensure proper data security, and and to ensure end user privacy.

Source: http://codex.wordpress.org/Theme_Review#Security_and_Privacy

The WordPress Theme Review Team act very quickly when a theme vulnerability is discovered. They removing public access and contact the theme developer right away.

For WordPress security, please review the WordPress themes below to see if they have been removed from WordPress.org, pending a security update or if a security fix is available.

  1. Deep Blue
    Threat: Arbitrary File Upload Vulnerability in Version 1.9.2
    Reported: 06/17/2012
    Status: Removed from the WordPress.org repository
    Old URL: http://wordpress.org/extend/themes/deep-blue
    Trac: http://themes.trac.wordpress.org/log/deep-blue/ (last update 10/14/2011)
    Note: A premium version is available at the developers website. I have no information if the pro version is affected.
  2. Famous
    Threat: Arbitrary File Upload Vulnerability in Version 2.0.5
    Reported: 06/17/2012
    Status: Removed from the WordPress.org repository
    Old URL: http://wordpress.org/extend/themes/famous
    Trac: http://themes.trac.wordpress.org/log/famous/ (last update 12/16/2011)
    Note: A premium version is available at the developers website. I have no information if the pro version is affected.
  3. Photocrati (Premium Theme)
    Threat: Remote File Upload Vulnerability (Version not available)
    Reported: 06/13/2012
    Status: Unknown. I emailed the developer June 16, 2012 and have not received a response.
    URL: http://photocrati.com
    Changelog: http://members.photocrati.com/developers-corner/ (last update 12/18/2011)
    Note: The affected version is not published. Please check with the developer if you use this theme.

What to do your theme is listed above with “Status: Unknown…”

Important! For better WordPress security, you should deactivate the theme immediately and remove it from your site until a security fix has been released. Leaving a vulnerable theme on your server (active or inactive) still poses a security risk. You should switch to a default WordPress theme from within your Dashboard and contact the developer.

What to do if the theme you're using is listed as “Status: Removed from the WordPress.org repository?”

Important! For WordPress security, you should deactivate and remove the theme immediately until a security update is available or find a replacement.

Will a removed free theme get re-listed on WordPress.org?

For your protection WordPress.org removes the theme link until the developer has fixed any security issues. Once the vulnerability is fixed and reviewed by WordPress.org, the theme might get re-listed.

Note: Many times, third-party theme developers are actively working on a security fix. To check the status of any theme development and/or updates, click on the “Trac” or Changelog links above or copy and paste the Old URL to see if the theme has been re-listed. If it is re-listed, it is safe to use the latest theme version.

LEAVE YOUR FEEDBACK

Have a question about security of these WordPress themes? Need to report a theme vulnerability or have you found one that has been removed from the WordPress.org repository, please let us know. Leave your comment below.

P.S. I spend hours on these reports to help you stay safe. Please help other WordPress users as well by sharing this post using the buttons below.

Filed Under: Bugs & Vulnerabilities Tagged With: hacked wordpress theme, wordpress theme security

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Let’s work together:

Get in touch with us and send some basic info about your project. Don't be shy, we can help with just about anything.

Contact Us!

Footer

  • Facebook
  • LinkedIn
  • Twitter

Contact

Call 815-600-7270
Contact
Mo,Tu,We,Th,Fr 9:00 am – 5:00 pm

Get WordPress Help Now

Chat With Us!
Submit A Support Ticket

Copyright © 2025 | WP Security Lock, Inc