A theme must meet all of the following requirements to be included in the WordPress.org theme repository. Themes that have 3 or more prefixing or security issues may be closed as not-approved. However, theme authors may resubmit once they’ve corrected the issues.
Along with these checks you should also make sure you run the theme through the theme check plugin. It automatically checks for all the required items. You can find a full list of what it
checks here. You should also support up to 3 versions behind the current WordPress version.
No PHP or JS errors.
Have a valid DOCTYPE declaration and include language_attributes.
Validate and/or sanitize untrusted data before entering into the database. All untrusted data should be escaped before output. (See:
Data Validation) No removing or modifying non-presentational hooks.
Must meet all
Theme Check requirements Provide a
unique prefix for everything the Theme defines in the public namespace, including options, functions, global variables, constants, post meta, etc.
WordPress functionality and features first, if available. Do not use features/APIs meant for WP Core use only e.g.
admin pointers and private functions. No pay wall restricting any WordPress feature.
Avoid hard coding to modify content. Instead, use function parameters, filters and action hooks where appropriate. For example
wp_title should be modified using a filter. Able to have child themes made from them. (Child theme ready)
theme tags in style.css and description must match what the theme actually does in respect to functionality and design. Don’t use more than 3 subject tags (See: Theme Tag List). Use
template tags and action/filter hooks properly. Include comments_template().
The theme options should not be pseudo custom post types and save non-trivial user data. Non-design related functionality is not allowed. (See:
Plugin territory examples)
Any custom features, options or any limitations (for example menu restrictions), should be explained. Enough documentation should be provided.
All theme text strings are to be translatable.
Include a text domain in style.css.
Use a single unique theme slug – as the theme slug appears in style.css. If it uses a framework then no more than 2 unique slugs.
Can use any language for text, but only use the same one for all text.
Be 100% GPL and/or
100% GPL-compatible licensed. Declare copyright and license explicitly. Use the license and license uri header slugs to style.css.
Declare licenses of any resources included such as fonts or images.
All code and design should be your own or legally yours. Cloning of designs is not acceptable.
Theme names must not use: WordPress, Theme.
Spell “WordPress” correctly in all public facing text: all one word, with both an uppercase W and P.
Use the Customizer for implementing theme options. Save options in a single array.
sane defaults and don’t write default setting values to the database. Use
edit_theme_options capability for determining user permission to edit options, rather than rely on a role (e.g. “administrator”), or a different capability (e.g. “edit_themes”, “manage_options”).
Don’t include any plugins. A theme can recommend plugins but not include those plugins in the theme code.
The screenshot should be of the actual theme as it appears with default options, not a logo or mockup.
The screenshot should be no bigger than 1200 x 900px.
Don’t phone home without informed user consent. Make any collection of user data “opt-in” only and have a theme option that is set to disabled by default. Find out more about
security here. No URL shorteners used in the theme.
If you are a theme shop you should be selling under GPL to be in the WordPress.org repo. (
See explanation) If the theme adds a footer credit link, there should only be one (
link to WordPress.org does not count) Themes should not display “obtrusive” upselling.
No hard coding of script and style files.
No minification of scripts or files unless you provide original files.
Required to use core-bundled scripts rather than including their own version of that script. For example jQuery.
Include all scripts and resources it uses rather than hotlinking. The exception to this is Google Fonts.
It’s worth noting we are working to automate a lot of the above requirements.
Along with the required items, you should also consider the
The recommended items are there to make sure your theme is the best it can be and good advice to include as best practice. recommended items.