Can installing a plugin delete an entire theme directory?

Do WordPress plugins have permissions to delete entire directories? (it’s a Linux based host)

WordPress plugins have permissions to do anything WordPress itself can do. It’s all just code. There’s no permissions model or sandboxing of any kind with plugins.

Plugins and themes can do anything that PHP on your system can do.

Is there a quality control process for plugins before they enter the WordPress official repository?

Yes and no. Generally, we review new plugins for prevention of spam and obvious security problems and the like, but it’s not an extensive review. If a plugin contained code to delete themes, and it is an error of some sort, it’s unlikely that it would be immediately caught before being listed.

Most security problems and spam are generally noticed and kept out, if not before then after. Reports sent to [email protected] are investigated, but quite a lot of the reports sent are false or incorrect in some manner.

See, it’s unlikely that your theme disappearing is intentional behavior by the plugin. So it’s a bug in some fashion. Plugins are not extensively tested. There’s 18,000+ of the things, after all. You have to trust the author of the plugin to some degree.

Or your problem may be unrelated to the plugin. Without specific details on how your theme was removed and the sequence of events and the code that causes it to occur… what you’ve presented is basically hearsay. “I did this and a bunch of bad stuff happened” doesn’t mean that the stuff you did caused the bad stuff to happen. Events in computing systems rarely are cause-effect. Most often they are several minor factors among many interacting systems which lead to an unintended and unexpected result. The weirder the problem (and yours sounds pretty weird), the more likely this is to be the case.

So realistically, instead of questioning the process that led to the circumstances, first you need to be sure that the circumstances are not a special case. A contact form plugin that intentionally deleted themes would get reported pretty quick, no? In such a case the plugin would have been removed. So if it’s unintentional, and it didn’t happen to anybody else, then you’d have to basically prove that it’s the plugin that did it instead of some strange and unusual combination of circumstances which nobody could have predicted. The problem would have to be repeatable. The code causing the problem would need to be identified, and then the problem could be fixed.

Related Posts:

  1. What security concerns should I have when setting FS_METHOD to “direct” in wp-config?
  2. WooCommerce store with ~30,000 products [closed]
  3. Uncaught Error: Call to undefined function wp_generate_attachment_metadata() @ wp-cron
  4. force enqueue script to be first in order of prominence
  5. wp_mail and BCC headers
  6. Using require_once in a Plugin?
  7. How to call “page specific menu items” in template [closed]
  8. Hook for image edit popup
  9. Plugin.php: PHP Notice: Undefined offset: 0 in
  10. wp_enqueue_style in Plugin [duplicate]
  11. Master menu item for multiple plugins?
  12. How can I change plugin to give access to editor user role?
  13. Is it possible to add an action to the currently running action?
  14. Google Maps and Yandex Maps doesn’t work correctly
  15. How do I get slug of all active plugins programmatically?
  16. Only execute jQuery function(on document ready) on the page has shortcode from plugin [duplicate]
  17. unzip a folder on specific location and delete the zip file
  18. Check if User exists in WordPress Multisite
  19. WooCommerce – results per page not working after page reload
  20. WordPress author details plugin/widget
  21. Duplicate posts when posting nulls in records in phpMyAdmin [closed]
  22. Plugin version is not showing up in wordpress.org plugin directory
  23. Saving changes in wp_editor
  24. Removing customise fields during plugin uninstallation
  25. plugin class inheritance. cannot change variable
  26. Modifying the comments section through a plugin regardless of theme
  27. How to get specific setting by settings_fields()?
  28. Search for categories
  29. Best way to initiate a class in a WP plugin?
  30. Why this function not working for install database on plugin activation
  31. The Hook registration_errors was not called
  32. How to create a child/addon plugin
  33. How to secure the release of WordPress plugins / avoid copying plugins?
  34. What happens if I don’t update my plugins?
  35. Hide certain widgets from specific user roles in admin
  36. Delay JavaScript files from loading
  37. remove_action not removing add_action from constructor
  38. How to display checked posts on another page over AJAX? (like comparasion style)
  39. Custom widget doesn’t save values from dropdown box
  40. Is there a way to make the main page only display a brief description of the full article?
  41. jQuery Click event is not fired at all
  42. Limit WP code scope into plugin
  43. Widget for specific category
  44. WordPress custom plugin that uses woocommerce enabled payment gateway for payment [closed]
  45. How to call external functions from a PHP script in a WordPress plugin?
  46. Generate Own Custom CSS Button with icon
  47. Unable to install plugins
  48. Execute a function when the entire page is displayed
  49. Is there any way to inject text onto pages?
  50. WordPress as heavily personalized content management portal, and somewhat like dropbox [closed]
  51. “switchEditors is not defined” with wp_editor() in jQuery UI tabs
  52. Plugin that lets visitors Like a post (not facebook) and stores likes in custom meta?
  53. How to get Recent Post From Each Category with Thumbnail?
  54. Error Using Audio plugin
  55. Cannot read properties of undefined (reading ‘firstChild’) using photoswipe in product page
  56. Multisite Change from domain.com to sub.newdomain.com
  57. “Welcome to WordPress” Plugin Required Error
  58. Creating an admin button that when clicked shows a popup form
  59. How to list datas from database in a topic?
  60. Downloading a file
  61. Profiling the initial PHP file, anyone, that get like 10 seconds to load
  62. How use wp_insert_post and add og:custom tags?
  63. Remove Keywords From Webpage But Still Use for SEO
  64. How to change “Read More” text?
  65. Troubleshooting Admin_Notice
  66. Images are broken in Wysiwyg Editor – ACF backend
  67. How to use wp_editor and save its data in wp_posts table
  68. WordPress database problem wp_posts, primary key
  69. Auto trigger of popup
  70. My WordPress activation hook isn’t working
  71. How to allow URL with filename & extension in wordpress?
  72. Plugin will not write background color to site
  73. WordPress Plugin PHP Not Calling Function
  74. how to show the tables of my plugin in the export tab of WordPress?
  75. load plugin in code snippet
  76. Do_shortcode before send email content
  77. When the user entered an unauthorized url redirect to login page
  78. Get plugin to background of page
  79. how to create database to use it in wordpress website?
  80. WordPress Feedback popup with date saved into table
  81. Plugin option for input box validation
  82. What is a good way to test that plugin upgrades have completed properly?
  83. Include paths and functions for external scripts
  84. Postal address auto-complete on profile page
  85. Remove the ‘Press This’ Tool
  86. WordPress Related Plugin – Adding an image
  87. Looking for a related post plugin which slides-in like the one at inc.com does [closed]
  88. which is this plugin ? [closed]
  89. Sync roles across several plugins
  90. How to write a specific url for only single page in wordpress?
  91. WordPress Plugin to Show a Website in Different Language? [closed]
  92. Strict Standards: Non-static method in sidebar generator
  93. Check if plugin is being disabled
  94. How to add product thumbnail on orders list on backend?
  95. How to disable plugin capability : “create new category”
  96. Scripts don’t enqueue after removing plugin
  97. Plugins menu not on dashboard
  98. How to make content as required in custom post type?
  99. Categories not showing when all of the posts are private
  100. How to create a “Most Popular” & “Latest” TAB in WordPress

Leave a Comment