Warning to Joomla and WordPress Theme Users

wordpress logo

Found this article from Derek Punsalan’s blog 5ThirtyOne.

Templates Browser dot com is collecting WordPress & Joomla public themes and modifying them by inserting hidden spam or malware links that can compromise the end user then re-distributing it in their site. These spam and malware links are inserted in a functions.php file that comes with each theme download.

Derek’s popular WordPress theme 5ThirtyOne V2 is one of the themes being re-distributed by Templates Browser. Other themes in their list include the Fresh theme by iLemoned and the NotSo Fresh theme which I previously used here in my blog.

If you’ve recently downloaded a WordPress or Joomla theme from Templates browser, make sure you don’t use it and download a clean version from the theme’s original source. That’s why it’s always a good practice to download themes from reliable sources or directly from the author’s homepage or theme homepage.

Please help spread the word so other Joomla and WordPress theme users would be aware of this. Visit Derek’s post and Digg it.

Anyone of you guys happen to download or used an infected theme from Templates Browser or other malicious websites? If not, where do you usually get your WordPress themes from? Please share your thoughts by leaving a comment below.

This post may contain affiliate links that allow us to earn commissions at no additional cost to you. We are reader-supported so when you buy through the affiliate links, you are also helping or supporting us. 


  1. @webslave – You’re welcome! Just doing my best to spread the word and warn users. Yup, we really should be careful on what we download or install on our blogs. :)

    Daghang salamat sa imo pagbisita sa akong blog. ;)

  2. @blogOloco – Yup, we really should be cautious and vigilant when it comes to these type of issues. I always remind my readers to only download themes or plugins from reliable sources.

    I’m using Firestats for that. You can download it here.

  3. It’s good that you highlighted this issue. It’s something that you would be cautious on. Make sure you don’t download anything from a dodgy site especially. Themes and Plug ins both can be targetted definitely. They will try whatever they can.

    OTT – i’m interested with your location avatar that show up beside the user comment. could you tell me where to download it. cheers mate.

  4. I found this post after looking through my generated page code for Joomla! and found various links to University porn stashes.

    However, it seems to be intermittent?

  5. @Connie – Ganun ba? Eh pano kung babae sila, ano yon puputulin? LOL :D

    Maybe we can start another mob to get rid of sites like this. If you already started one, let me know so I can join. :)

  6. Uy Jaypee, I meant “putol” elsewhere hahahaha

    LOL @ Ajay. Don’t you just love it? I was very proud to be part of the mob that got the WP themes with sponsored links off the WP site. hahahaha

  7. @ajay – I don’t think my post was the one that spawned the “local” thing or is it? Or maybe you’re referring to the issue that’s involved in this post? Sorry, I’m a bit confused. Hehe :D

  8. @Riz – My bad. I wasn’t able to explain it well coz Twitter limits the number of characters per message.

    The only way to fight them is to tell other WordPress users about it so they won’t download from that site again. Maybe you can post an announcement on your blog about it so those who use your themes would know.

  9. Ohhh okaay. I didnt understand your twit. I didn’t realize it was redistributed with spammy links. arrg. Tsktsk. Is there any way we could take the themes out of their database? Arrg. Screw these people!!

  10. @Connie – Some people use their talents into bad use. I agree, dapat nga sila putulan. Putulin ang mga daliri para hindi na sila pwede mag type ulit or mag modify ng mga themes. :D

  11. OMG! I am actually looking for a joomla template! geezz, good thing i’m still using the default one….

    hope the one i download is clean..

    thanks for posting this man! ;)

  12. @Joni – I know. Some people will do about just anything just to make money. I sure hope those people who downloaded themes from that site would be alerted before it’s too late.

  13. Tsk tsk! These people have nothing better to do! I feel sorry for those WordPress and Joomla users who made use of the modified themes with hidden links and malware.

    You're right, WP users should just download themes directly from the author's website. Themes.wordpress.net is reliable website too.

Leave a Reply

Your email address will not be published. Required fields are marked *