{"id":148747,"date":"2023-09-05T07:14:59","date_gmt":"2023-09-05T07:14:59","guid":{"rendered":"https:\/\/developer.wordpress.org\/?post_type=theme-handbook&p=148747"},"modified":"2024-04-25T10:51:56","modified_gmt":"2024-04-25T10:51:56","slug":"theme-security-issues","status":"publish","type":"theme-handbook","link":"https:\/\/developer.wordpress.org\/themes\/theme-security\/theme-security-issues\/","title":{"rendered":"Theme security issues"},"content":{"rendered":"\n
\n
<\/div>\n
Please do not report security issues with WordPress Core to the themes team. To report an issue with WordPress itself, follow the directions for reporting security vulnerabilities.<\/a><\/div><\/div>\n\n\n\n\n
\n
<\/div>\n
If you have found a plugin<\/b> with a security issue, please read Reporting Plugin Security Issues<\/a><\/div><\/div>\n\n\n\n\n

How to report a theme<\/h2>\n\n\n\n

If you find a theme with a security issue, please do not<\/strong> post about it publicly anywhere. Even if there\u2019s a report filed on one of the official security tracking sites, bringing more awareness to the security issue tends to increase people being hacked, and rarely speeds up the fixing.<\/p>\n\n\n\n

To report a theme that is in the WordPress.org theme directory, please go to the theme’s directory listing (For example, https:\/\/wordpress.org\/themes\/twentytwentythree\/<\/a>) and use the “Report this theme<\/strong>” button in the sidebar, and complete the form.<\/p>\n\n\n\n

\"\"<\/a><\/figure>\n\n\n\n



You can also send reports of security issues to themes@wordpress.org<\/code>. Include the following:<\/p>\n\n\n\n