Security Audits

Professional WordPress Theme and PHP Security Reviews.
Security Audit

Request a Security Audit

Would you like to receive a security audit for your WordPress theme?
We are currently taking on a limited number of free security code reviews per month. 

Security Audit

What we Check

  • Complies with WordPress Coding Standards
  • Clean, Readable and Documented Code
  • Correctly checking secure nonce values
  • Correctly checking user permissions
  • Correctly escaped user input preventing XSS
  • Bundled theme plugins comply as well

Secure WordPress Themes

The below themes have passed an independent code security review.

xtheme

X Theme

All theme code and bundled plugins
passed security audit.

verge

Verge

All theme code and bundled plugins
passed security audit.

tendril

Tendril

All theme code and bundled plugins
passed security audit.

Why Get a Security Review?

  • A high number of commercial themes have security bugs in them, often unknown to the theme author.
  • These security bugs could allow attackers to deface a website, gain unauthorized access or spread spam and malware.
  • It is possible for a theme to pass automated coding checks yet still contain insecure code.
  • Commercial theme reviewers can often miss security holes because they can be hard to locate.
  • It is better to find and fix these issues before an attacker does.
  • We have reported many security issues in the top selling commercial Themes and Plugins over the past two years.
  • We have worked closely with theme and plugin authors to responsibly disclose security issues and offer coding assistance where needed.

Buyers, ensure a theme is secure before purchase

Look for a "security audit" banner like the one below