[theme-reviewers] Exposing admin urls

esmi at quirm dot net esmi at quirm.net
Fri May 17 11:08:36 UTC 2013

Just started my first theme review, so this may be the first of many 
questions. Sorry... :-)

How do we feel about exposing admin urls when a user is not logged in?

The theme I am reviewing uses admin_url() in the unpopulated sidebar and 
footer to direct the site admin to Appearance -> Widgets. But this link 
is also visible to non-logged-in users. I appreciate that the WP admin 
url is hardly a secret but, if was me, I'd only display the link within 
a conditional to check that the user is logged in & had the appropriate 

Is this worth noting? Perhaps as a recommended fix in a future version? 
Or am I being just too darn picky?


More information about the theme-reviewers mailing list