Genericons and Theme Updates

Welcome to the Themes team!

We are a group of volunteers who review and approve themes submitted to be included in the official WordPress Theme directory.

We do license, security, and code quality reviews.

We help build and maintain default themes.

The primary focus of the team is to help theme authors transition to blockBlock Block is the abstract term used to describe units of markup that, composed together, form the content or layout of a webpage using the WordPress editor. The idea combines concepts of what in the past may have achieved with shortcodes, custom HTML, and embed discovery into a single consistent API and user experience.-based themes.

If this sounds interesting, read more about the team here. Check out our guide for new reviewers and the frequently asked questions.

Handbooks and review requirements

The team maintains the official Theme Review Requirements, the Theme Unit Test Data, and helps the documentation team with the Theme Developer Handbook.

Coding standards and plugins

We maintain the WPThemeReview Standard for PHP_CodeSniffer, the Theme Sniffer plugin and Theme Check

Code Packages

We have code packages for themes available for use on Github and Packagist

Communication

Meet us in the #themereview SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/. channel.

Meetings:

Twice monthly at Tuesday @ 15:00 UTC.

#themereview

Earlier today, the coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. security team shipped new versions of a number of themes that were vulnerable to a cross-site scripting issue due to shipping a Genericons example file. This was in conjunction with WordPress 4.2.2 but happened hours prior to it shipping. This is the first time we’ve updated themes without notifying the theme authors ahead of time, so I wanted to make sure that we let you know that it happened and answer any question you have.

Note: Among the themes updated was Twenty Fifteen due to the same vulnerability.

If you have any questions, feel free to ask and I’ll do my best to respond to them.

Jeff Chandler 3:57 am on May 7, 2015

Is it possible to see a list of affected themes?
Jose Castaneda 5:06 am on May 7, 2015

Thanks for letting us know Sam!
Stephen Cronin 7:49 am on May 7, 2015

Just wondering – when you say “the coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. security team shipped new versions”, do you mean that they just updated the themes on wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/, or do you mean they force updated users’ sites?

If they force updated users’ sites, I’d be really curious as to whether the number of users losing customizations (ie having edited files) was a significant issue or not. I’m not sure the average user knows how to use child themes, which is a pity.
- Samuel Wood (Otto) 9:34 am on May 7, 2015
  
  We updated the themes on WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ with new version numbers. These versions were identical to the previous versions, with only the single problem file removed.
Deborah 3:28 pm on May 7, 2015

Thanks for the update. Appreciate all the work from the security team. Like Jeff, I’d be interested in the list of updated themes.

Welcome to the Themes team!

Handbooks and review requirements

Coding standards and plugins

Code Packages

Communication

Share this: