Good Work, Amy! ... and definitely yet another justification for the process and guidelines we use.<br><br><br clear="all">Cais.<br>
<div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Apr 25, 2012 at 11:50 AM, Amy Hendrix <span dir="ltr"><<a href="mailto:sabreuse@gmail.com" target="_blank">sabreuse@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I had a bit of time so I went through the list he posted --<br>
<br>
- Only one theme is available in the directory, and that was a false<br>
positive (same filename, but a completely different "helpers" file<br>
from the others on the list).<br>
- Two were themes that reviewers caught, rejected, and reported to<br>
<a href="http://wp.org" target="_blank">wp.org</a> at the time they were reviewed,<br>
- The rest were from before there was a review process, and none of<br>
them would pass review now.<br>
<br>
I think that's a nice indication that our process has made a big<br>
difference in the quality of what gets out there!<br>
<div class="HOEnZb"><div class="h5"><br>
On Wed, Apr 25, 2012 at 10:35 AM, Amy Hendrix <<a href="mailto:sabreuse@gmail.com">sabreuse@gmail.com</a>> wrote:<br>
> Yeah, I suspect that "helpers.php" is an exploit that someone is using<br>
> somewhere -- exactly because it's such a generic-looking filename --<br>
> but it's also used as a name for a perfectly innocent helper function<br>
> library by other themes.<br>
><br>
><br>
> On Wed, Apr 25, 2012 at 10:32 AM, Chip Bennett <<a href="mailto:chip@chipbennett.net">chip@chipbennett.net</a>> wrote:<br>
>> I replied, and "ottolook" tagged the topic. (If code is to be removed from<br>
>> SVN, Otto is the one to do it.)<br>
>><br>
>> The OP definitely found some malicious code, but some of the referenced<br>
>> Themes don't have malicious code, as far as I can tell.<br>
>><br>
>> Thanks,<br>
>><br>
>> Chip<br>
>><br>
>><br>
>> On Wed, Apr 25, 2012 at 9:12 AM, esmi at quirm dot net <<a href="mailto:esmi@quirm.net">esmi@quirm.net</a>><br>
>> wrote:<br>
>>><br>
>>><br>
>>><br>
>>> <<a href="http://wordpress.org/support/topic/backdoored-templates-on-themessvnwordpressorg" target="_blank">http://wordpress.org/support/topic/backdoored-templates-on-themessvnwordpressorg</a>><br>
>>><br>
>>> Mel<br>
>>> --<br>
>>> <a href="http://quirm.net" target="_blank">http://quirm.net</a><br>
>>> <a href="http://blackwidows.co.uk" target="_blank">http://blackwidows.co.uk</a><br>
>>> _______________________________________________<br>
>>> theme-reviewers mailing list<br>
>>> <a href="mailto:theme-reviewers@lists.wordpress.org">theme-reviewers@lists.wordpress.org</a><br>
>>> <a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
>><br>
>><br>
>><br>
>> _______________________________________________<br>
>> theme-reviewers mailing list<br>
>> <a href="mailto:theme-reviewers@lists.wordpress.org">theme-reviewers@lists.wordpress.org</a><br>
>> <a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
>><br>
_______________________________________________<br>
theme-reviewers mailing list<br>
<a href="mailto:theme-reviewers@lists.wordpress.org">theme-reviewers@lists.wordpress.org</a><br>
<a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
</div></div></blockquote></div><br></div>