How Can I Trust a Nulled Theme or Plugin?

How to Detect Malicious Code in Free and Nulled WordPress Themes and Plugins?

This article introduces several tools to identify malicious code, and a 3-step method to find malicious code or unwanted backlinks in nulled or free WordPress themes and plugins downloaded from any unreliable website.

Apart from the official WordPress repository, there are hundreds and thousands of websites that provide free WordPress themes and plugins, but the problem is that you cannot always trust them. Before you buy any premium theme, note that most of these sites add malicious code to themes and plugins, and it is not easy for you to find.

On the one hand, buyers like to test-drive a theme or plugin to understand its functions and features. Unfortunately, not all theme sellers (ThemeForest, Creative Market and so on) offer such a feature.

However, many of you might want to use those nulled or free plugins and themes for testing before buying. If you are one of them, read the rest of this article!

Some aims of malicious code (created by hackers)

  • To get backlinks from your blog unknowingly.
  • To get access to your website.
  • To redirect your website to spam links.
  • To add their advertisements and banners.
  • or to simply get your website down.

*Not only free themes and plugins: premium nulled plugins and themes that you have downloaded from warez sites and torrents may also be infected with malicious code.

Getting started:

First) Always install nulled themes/plugins on a TEST server; never install them on your main website. (For local tests, use a WAMP server or XAMPP server.)
Second) Wait at least 2-7 days before migrating the site to the main server. (While the site is installed on the test server, use the 3 steps below; with them you can keep your nulled themes or plugins 100% virus/malware free.)

Step 1 - Detecting malicious code

After downloading the plugin or theme, the first thing you should do is check for viruses, trojans, worms and anything else you would not want.

Go to VirusTotal and upload the zip file to check for viruses. (VirusTotal sometimes finds fault with ZIP files! A better way is to install the theme/plugin on a live test server and use the VirusTotal online web checker.)

If your file is infected you will get a red signal; if not, you can move on to the next step.

VirusTotal- check for Virus, Trojans and other Worms

Step 2 - Check for unwanted code in plugins

Search the files and database of your WordPress install for signs that may indicate that it has fallen victim to malicious hackers. Use Exploit Scanner, which can be securely downloaded from the WordPress website.

  1. Download and unzip the plugin.
  2. Copy the exploit-scanner directory into your plugins folder.
  3. Visit your Plugins page and activate the plugin.
  4. A new menu item called “Exploit Scanner” will be available under the Tools menu.

After the scan you can see a list of suspected code. You can use the browser's search function to find the plugins that you installed from outside the WordPress repository.

Note: This plugin will also scan themes, but you might be interested in trying the tip that I am about to give next.

Exploit-Scanner- Find unwanted codes in WordPress Plugins

Step 3 - Check theme authenticity with TAC

TAC stands for Theme Authenticity Checker. TAC searches the source files of every installed theme for signs of malicious code. If such code is found, TAC displays the path to the theme file, the line number, and a small snippet of the suspect code. Adding a backlink to a free theme is a very common technique, but you can easily find those exploited themes with the plugin called Theme Authenticity Checker (TAC).

Theme Authenticity Checker (TAC)- for signs of malicious code in WordPress Themes

After downloading and extracting the latest version of TAC:

  1. Upload tac.php to the /wp-content/plugins/ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress
  3. Go to Appearance -> TAC in the WordPress Admin
  4. The results of the scan will be displayed for each theme with the filename and line number of any threats.
  5. You can click on the path to the theme file to edit in the WordPress Theme Editor
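
The same kind of static check can be run on the downloaded ZIP before anything is installed. The sketch below is an added example, not code from TAC or Exploit Scanner: its two rules, the function names and the sample theme are assumptions constructed for illustration. It reports the file path, line number and a snippet, as Step 3 describes, for obfuscated execution and hidden backlinks.

```python
import io
import re
import zipfile

# Heuristic rules assumed for this example; not the rule set of TAC or Exploit Scanner.
RULES = {
    "obfuscated-exec": re.compile(
        r"\b(?:eval|assert)\s*\(\s*(?:base64_decode|gzinflate|str_rot13)\s*\(", re.I),
    "hidden-link": re.compile(r"display\s*:\s*none[^>]*>\s*<a\b[^>]*\bhref\s*=", re.I),
}
SCANNED_EXT = (".php", ".js", ".html")
MAX_BYTES = 2 * 1024 * 1024  # report oversized members instead of reading them


def scan_archive(zip_file):
    """Return (path, line_no, rule, snippet) per suspicious line; nothing is extracted."""
    findings = []
    with zipfile.ZipFile(zip_file) as zf:
        for info in zf.infolist():
            name = info.filename
            if info.is_dir() or not name.lower().endswith(SCANNED_EXT):
                continue
            if info.file_size > MAX_BYTES:
                findings.append((name, 0, "oversized-file", f"{info.file_size} bytes"))
                continue
            text = zf.read(info).decode("utf-8", errors="replace")
            for line_no, line in enumerate(text.splitlines(), start=1):
                for rule, pattern in RULES.items():
                    if pattern.search(line):
                        findings.append((name, line_no, rule, line.strip()[:80]))
    return findings


def build_sample_theme():
    """Constructed sample: a tiny theme ZIP held in memory with two planted lines."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("demo-theme/style.css", "body { color: #333; }\n")
        zf.writestr("demo-theme/functions.php",
                    "<?php\nadd_theme_support('title-tag');\neval(base64_decode('ZWNobyAnaGknOw=='));\n")
        zf.writestr("demo-theme/footer.php",
                    '<footer>\n<div style="display:none">'
                    '<a href="http://spam.example/">cheap loans</a></div>\n</footer>\n')
    return buf


if __name__ == "__main__":
    for path, line_no, rule, snippet in scan_archive(build_sample_theme()):
        print(f"{path}:{line_no}: [{rule}] {snippet}")
```

A clean result from pattern rules like these only means none of the listed patterns matched; code obfuscated in another way will pass unnoticed.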


Some online tools for malware and security scanning:


Some WordPress plugins for malware and security scanning:


Sucuri Scanner

Wordfence or nulled Wordfence

Last Word:

Always monitor your host's cPanel. Too much resource usage may be caused by malware!



After installing a new theme/plugin, check your website's speed and number of requests using GTmetrix or Pingdom Tools.

GTmetrix report

Compare the statistics from before and after installing a plugin/theme: a large increase in requests shows that something is wrong!
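
One way to make the before/after comparison concrete, as an added example that is not part of the original article: it assumes two HAR captures of the same page (exported from the browser's developer tools), one taken before and one after installing the theme/plugin, and lists the hosts that only appear afterwards. The function names, `site.example` and the sample captures are constructed for illustration.

```python
from collections import Counter
from urllib.parse import urlsplit


def hosts_in_har(har):
    """Count requests per host in a HAR capture (log.entries[].request.url)."""
    return Counter(urlsplit(e["request"]["url"]).hostname
                   for e in har["log"]["entries"])


def compare_captures(before, after, site_host):
    """Summarise what changed between two captures of the same page."""
    b, a = hosts_in_har(before), hosts_in_har(after)
    return {
        "requests_before": sum(b.values()),
        "requests_after": sum(a.values()),
        # Hosts contacted only after the install, excluding the site itself.
        "new_hosts": sorted(h for h in a if h not in b and h != site_host),
        # Hosts already present whose request count went up.
        "grown_hosts": {h: a[h] - b[h] for h in sorted(a) if h in b and a[h] > b[h]},
    }


def make_har(urls):
    """Build a minimal HAR-shaped dict from a list of URLs (constructed sample data)."""
    return {"log": {"entries": [{"request": {"url": u}} for u in urls]}}


BEFORE = make_har([
    "https://site.example/",
    "https://site.example/wp-content/themes/old/style.css",
    "https://fonts.example/css?family=Demo",
])
AFTER = make_har([
    "https://site.example/",
    "https://site.example/wp-content/themes/new/style.css",
    "https://site.example/wp-content/themes/new/app.js",
    "https://fonts.example/css?family=Demo",
    "http://ads.example/banner.js",
    "http://tracker.example/p.gif",
])

if __name__ == "__main__":
    print(compare_captures(BEFORE, AFTER, "site.example"))
```

Hosts listed under `new_hosts` are the ones to trace back to the theme or plugin file that loads them.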

*It's very rare to get hacked unless we make a mistake! Good luck.