Around three months ago, I posted a warning to WordPress and Joomla users about downloading themes from which contained hidden spam and malware links. What they did was collect public themes for WordPress and Joomla, modify it and redistribute it on their site. Well it seems that they’re not the only ones doing it because just recently another site was discovered to distributing modified WordPress.

The culprit this time is, which is a site that supposedly offers free downloads of “premium” WordPress themes. What most users don’t know is that the guys at have already modified the footer.php file of each theme. They’ve edited the WordPress link and instead of it linking back to, it links back to their site

I’m not giving them any link love but if you wanna check them out you’ll see that they’ve done a good job of collecting attractive and well-designed WordPress themes. One thing that I immediately noticed in their site was their tag line – Get premium WordPress themes for FREE! It’s their style of tricking new WordPress users into downloading themes from their site. But if you know your stuff, you’ll know that it’s silly because all those themes that they have in their site are offered for free by the theme authors themselves.

I’m sure this won’t be the last time we’ll hear of something like this and I’m sure there are also other sites doing the same thing. The next time you want to download a public WordPress theme, make sure you download it from a reliable source like the theme author’s website, the theme’s own download page or from Themes Viewer. If you wanna play safe, NEVER download a WordPress theme from third party site. Better safe than sorry!

Where do you download WordPress themes? Have you or anyone you know downloaded/used a theme from Did you have any experience downloading and using a modified WordPress theme containing spam links? What safety measures do you take when downloading/using a WordPress theme? Share your thoughts!

JaypeeOnline is supported by its audience. When you click on the advertisements or purchase through links on our site, we may earn an affiliate commission. Learn more



Owner and editor of JaypeeOnline. Self-proclaimed geek. New media writer and consultant. WordPress advocate. Loves blogging, gadgets, video games and sports. You can follow him on Facebook or Twitter.


  • JP Habaradas, January 29, 2009 @ 10:00 PM

    @gamzter – Oh okay. What’s important is you learned from that experience. Next time, make sure you only download WordPress themes from reliable sites/sources. :)

  • gamzter, January 29, 2009 @ 9:56 PM

    ay hindi po galing sa mga sites na yan..nakalimutan ko kung san ko nakuha…

    gamzters last blog post..The inauguration of Barack Obama *LIVE*

  • JP Habaradas, January 28, 2009 @ 8:25 AM

    @gamzter – Really? Where did you get the WordPress theme from? Was it also from the sites I mentioned in the post? Yes, its always good to check WordPress themes before you install them and also to only download from reputable and reliable sites.

    If the user doesn’t know HTML or CSS, they can ask help from their friends or from other bloggers like me. :)

  • gamzter, January 28, 2009 @ 8:20 AM

    i experience already this kind of hacking…usually they put it in the footer.php…so a good advice is check your footer or to be safe check all your .php and see if there’s any malicious codes…and if you don’t know how to read html…better not download themes…^^

    gamzters last blog post..The inauguration of Barack Obama *LIVE*

  • JP Habaradas, November 26, 2007 @ 4:45 PM

    @Mikko – Yeah it is if you have the skills. Hehe These days there are a lot of good WordPress themes that you can download for free. If you want to make it different, you can modify it and customize it. :)

  • Mikko, November 26, 2007 @ 4:41 PM

    Making your own template is still the best option. Hahaha. ;D

  • JP Habaradas, November 25, 2007 @ 8:35 AM

    @Dre – Good for you! I wish I had the same skills to create my own custom WordPress theme. Hehe :D

  • Dre, November 25, 2007 @ 8:31 AM

    It’s a good thing that I know how to do my themes. But before, I just download from

  • JP Habaradas, November 23, 2007 @ 3:15 PM

    @Pinoy Rick Jerk – Thanks! True, like I mentioned earlier the reason I posted about this is to help spread the word and awareness to WordPress users about malicious sites like these and to remind/teach them safety measures on downloading/using themes.

    Thanks for dropping by! :)

  • Pinoy Rich Jerk, November 23, 2007 @ 3:12 PM

    Its nice you have posted these warnings. Really lots of new WordPress users don’t know these exploitations that are happening. Your site can be compromise by these malicious codes inserted on certain WordPress themes.

    Make Money Online –

  • JP Habaradas, November 19, 2007 @ 6:55 PM

    @Euri – That’s a very good practice. I hope that by posting about this, WordPress users especially the newbies would be made aware of this and be careful when downloading or using public themes. :)

  • Euri, November 19, 2007 @ 6:52 PM

    I haven’t downloaded a theme from that certain website. Whenever I use a pre-made theme, I usually go to to get the theme’s author and download the theme directly from their site. That way, I’ll get the latest version of that theme.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.