Welcome to the official blog for the PluginPluginA plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party Review Team.
The review team acts as gate-keepers and fresh eyes on newly submitted plugins, as well as reviewing any reported security or guideline violations.
We can be reached by email at pluginsļ¼ wordpress.orgWordPress.orgThe community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/, or via the #pluginreview channel on Slack.
Detail any issues found and email the developer from Help ScoutHelp ScoutA 3rd party service we use to process emails for plugin reviews.
If no issues are found, approve the pluginPluginA plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party
All plugins and developers are required to comply with all Plugin Directory Guidelines as well as the Forum Guidelines and WordCamp Code of Conducts (when applicable).
The plugin cannot be a 100% copy of another plugin. Forks are permitted, however they must show significant improvements or changes to the original.
The plugin must be the developer’s own work. Submission of another person’s plugin is not permitted.
If included in the review, the plugin headerHeaderThe header of your site is typically the first thing people will experience. The masthead or header art located across the top of your page is part of the look and feel of your website. It can influence a visitorās opinion about your content and you/ your organizationās brand. It may also look different on different screen sizes. image and logos must be family friendly and not be offensive.
The following plugin types are generally not permitted however exceptions can and will be made (for example, plugins that are a part of a featured project for coreCoreCore is the set of software required to run WordPress. The Core Development Team builds WordPress., such as the Rest APIREST APIThe REST API is an acronym for the RESTful Application Program Interface (API) that uses HTTP requests to GET, PUT, POST and DELETE data. It is how the front end of an application (think āphone appā or āwebsiteā) can communicate with the data store (think ādatabaseā or āfile systemā) https://developer.wordpress.org/rest-api/.):
Black or grey hat SEO (including plugins that auto post content and content spinners)
Plugins that state to ‘help you earn thousands of dollars’ or other improbable claims
Frameworks, boilerplates, and libraries plugins
Plugins that require themes or plugins to be edited for use
Marketplace or storefront only plugins
Plugins that reproduce core WordPress functions or features without perceivable improvements (example: a plugin that allows embedding youtube videos)
Plugins that allow users to paste in raw JS/CSSCSSCSS is an acronym for cascading style sheets. This is what controls the design or look and feel of a site./HTMLHTMLHTML is an acronym for Hyper Text Markup Language. It is a markup language that is used in the development of web pages and websites./PHPPHPPHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. http://php.net/manual/en/intro-whatis.php. without sanitization or security
Please note: All existing plugins in the directory are permitted to remain, and will not be deleted unless there are extreme circumstances.
Be 100% GPLv2 or later and/or 100% GPLGPLGPL is an acronym for GNU Public License. It is the standard license WordPress uses for Open Source licensing https://wordpress.org/about/license/. The GPL is a ācopyleftā license https://www.gnu.org/licenses/copyleft.en.html. This means that derivative work can only be distributed under the same license terms. This is in distinction to permissive free software licenses, of which the BSD license and the MIT License are widely used examples.-compatible licensed
Copyright and licenses must be explicitly declared using the license and license uri header slugs in the readme
Licenses of any resources included such as fonts or images must be declared in the plugin header
Code and design should be original or legally permitted for use
Forks must be appropriately credited; no copyright information may be removed
Validation, sanitization, and escaping of all processed or saved data
Use of a unique prefix for everything the plugin defines in the public namespace (ex. options, functions, global variables, constants, post metaMetaMeta is a term that refers to the inside workings of a group. For us, this is the team that works on internal WordPress sites like WordCamp Central and Make WordPress., etc.)
Valid readmes
No saving content locally to the plugin folder, as it is deleted on upgrades
Avoiding hard coding to modify content (using function parameters, filters and action hooksHooksIn WordPress theme and development, hooks are functions that can be applied to an action or a Filter in WordPress. Actions are functions performed when a certain event occurs in WordPress. Filters allow you to modify certain functions. Arguments used to hook both filters and actions look the same. where appropriate)
Avoiding duplication of existing WordPress core features (i.e. embedding YouTube)
Tags and descriptions matching what the plugin does and what it connects with
Requirement checks fail gracefully when not present
Don’t phone homePhone homeA plugin that āphones homeā sends back tracking information to the plugin developer once itās installed on a site. This may include IP addresses, usernames, or other data. without informed user consent
Collection of user data must be “opt-in” only and have the relevant option set to disabled by default
Validate and sanitize untrusted data before processing (See: Data Validation)
AccessibilityAccessibilityAccessibility (commonly shortened to a11y) refers to the design of products, devices, services, or environments for people with disabilities. The concept of accessible design ensures both ādirect accessā (i.e. unassisted) and āindirect accessā meaning compatibility with a personās assistive technology (for example, computer screen readers). (https://en.wikipedia.org/wiki/Accessibility) – Plugins should follow the Accessibility Handbook
Code should be written to support internationalization and automatic translations via translate.wordpress.org
Support of PHP 5.2.4 and up, or graceful failure if newer versions are required
Proper alerts and errors if any required plugin or theme is not installed and active
If a plugin connects to a service, the following additional requirements apply:
Data transmission is secure and sanitized
Readme description (and FAQ) detail usage and registration
Connectivity to the service is not performed via an iframeiframeiFrame is an acronym for an inline frame. An iFrame is used inside a webpage to load another HTML document and render it. This HTML document may also contain JavaScript and/or CSS which is loaded at the time when iframe tag is parsed by the userās browser. in the dashboard (APIs are recommended)