Being a website owner you surely came across WordPress nulled themes or plugins at some point. Nulled is a similar term to crack for games. It means that premium plugin or theme which has license activation was “cracked” so it can work without a valid license.
Nulled can also be themes and plugins shared on various sites which don’t require activation but are still paid (premium) products which you should purchase in order to install and use.
Usually nulled themes can be found on suspicious websites which are full of ads and can lead you to another website. If you are new to WordPress you probably in some moment wish to had premium plugin or theme but didn’t have money to purchase.
In those moments temptation is big and “nulled” products seem like a good choice. Or maybe you just want to test plugin or theme before purchasing. Especially considering that on ThemeForest and Codecanyon it is almost impossible to get a refund.
WordPress Nulled Themes And Plugins
One of best WordPress themes and plugins are typically paid. Quality comes with a price. Or with more features, add-ons, and options. As pirated versions of premium WordPress products are available through file sharing sites, you may think why pay then when you can get it free?
When you want to download premium WordPress product for free, you have to remember that using a theme or plugin without paying for it, may not be legal. In addition to the moral side, using nulled themes or plugins may cause you problems.
Odds are good that a quality theme you’ve been wanting but couldn’t afford is free only because someone has installed a malicious code inside.
This code is often hidden inside an encrypted script that is difficult to detect. Once installed, the script can harm your blog and disclose sensitive information.
Of course, not all have malicious code. Some website owners where nulled products are shared earn from Adsense. But also in that cases, I doubt they bought all themes and plugins they are sharing.
They have probably been downloaded from some other site without even checking the code for malicious scripts. There are also membership sites with nulled products. You pay monthly or yearly and you are able to download the latest version while your subscription lasts.
This is not anything new. Sites with nulled WordPress themes and plugins are here from long ago. And they are many. As many themes and plugins are published under GPL license most sites that offer WordPress products outside of official stores will say they are free to share or even resell.
This is not entirely true. While there is some truth in it, things are more complicated than that. But I am no expert regarding this field. You can read more about this in Chris Lema post, WP and Legal Stuff post and on Freemius blog.
What Are Risks of Using WordPress Nulled Themes or Plugins?
WordPress themes and plugins are time, resource and skill-intensive to make, and developers rightly charge a very reasonable price for their products. Customers get huge value and further value from after-purchase support, tutorials, and updates.
Nulled WordPress products offer only files. No automatic updates or support. When a new version comes up you will not be able to update from your website dashboard.
You will again need to find and download the latest version from sites which provide pirated versions. This will be time-consuming process and often you will not be able to find the latest version.
Purchasing premium products you are actually buying updates and most importantly support. Support is not provided for nulled themes or plugins as they are not bought officially.
So you will have to fix everything by yourself or try to find a solution on forums, and there is no guarantee that you will succeed.
Access to professional support from developers is a huge part of the value that comes with purchasing a WordPress product. You get both the peace of mind that if anything goes wrong you can get it fixed right away at no extra cost.
Nulled themes or plugins are usually cracked and contain additional content which is usually malware. Typical problems that may occur are advertising, pop-ups, and different codes which shouldn’t be there. You not only put yourself at the risk but also the visitors of your website.
Pirated WordPress products are bad for SEO. They can be used to acquire spam links on as many sites as possible. Search engines will punish your site’s rankings if you’re hosting spam links. Furthermore, visitors may see these spam links and will judge your site to be unprofessional.
Think about it. Why would someone share so many paid products with you for free? They must receive something in return. Maybe money from ads on their site or by redirecting to other sites.
Maybe they even include malicious code into the products you download. Then they can get access to the database of your users, get their personal data, number of credit cards, etc.
WordPress themes are generally safe when kept up-to-date. Pirated WordPress themes, can include compromised or malicious code and are not up-to-date versions.
When using a pirated WordPress theme you run the risk of having your site hacked. This is not only very inconvenient and time-consuming to deal with, but it can also get very expensive.
Once the hacker has his code installed on your website, he can get your admin access, and lock you out of your own site. If you use affiliate links like Amazon associate program, eBay, or Adsense, he can change links and use his own without you even knowing.
It is best to have security plugin installed. You can use iThemes Security plugin (check iThemes Security vs WordFence comparison), MalCare (check MalCare review) or Hide My WP.
How to Detect a Malicious Code?
Once you’ve downloaded a theme or a plugin, your first task is to scan it for viruses and harmful code. The results will rarely be positive. Go to VirusTotal.com and upload the zip file to check for the virus. If your file is infected you will get a red signal.
Plugins can be also checked using Exploit Scanner. Once scan done the plugin displays a list of suspicious codes you can easily find in your WP repository using the search filter.
Delete those immediately. But be noted that there are false positives and you may end removing code which is not bad and which plugin needs to function.
Be sure to make a backup before removing any code. For site backups you can use plugin like Duplicator, BackupBuddy (check BackupBuddy pros & cons), or WPVivid (see WPVivid review). For scanning theme files you can use a plugin called Theme Authenticity Checker (TAC).
What About Group Buys? Are They Allowed?
Group buy is sharing the cost with several people. For example, purchasing plugin developer version (unlimited sites) by splitting the cost with several people. So if plugin costs $499 and you find 5 people to split the cost with, you may end paying each $100 instead of full price.
The more people the lesser the cost. Now, this is surely better than using nulled version. But is this legal? Do theme and plugin authors allow this?
It depends. Some don’t but there are ones that do. Can’t say as this is not a topic often discussed nor do I have experience with this. Most developer pricing plans also give you permission to use the license on client sites and on unlimited number of sites.
WordPress Nulled Final Words
With cracked (nulled, pirated) WordPress themes you don’t get updates, and it’s unlikely you’ll have the latest version of the theme or plugin at any time.
This poses a security risk. But if you pay for a product you’ll get the updates and security fixes when they are out and be taking an important step towards making your site secure.
Security is very important but it’s hard to get excited about security updates. New features, on the other hand, are something to be excited about.
Not getting updates with pirated WordPress products means you’re also not getting any new features added. Just because a theme or a plugin is attractive and modern, doesn’t mean you should get at it all cost.
Here is an overview of the reasons to avoid nulled and pirated themes and plugins:
- Nulled themes and plugins can be infected with malicious code, which gives the developer access to your website.
- There is no updates and customer support as with paid products.
- Your website may easily be linked to spam content and ranked poorly by Google.
Of course, there is also an option that there will be no issues nor malicious code installed. But still, if there is issue you cant fix, there is no support you can contact.
I understand the temptation of seeing a beautiful premium theme available to download for free. If you can, avoid nulled products completely. Both in the cases of free and premium products. Try to download only from reputed websites and sources.
DISCLOSURE: Posts may contain affiliate links. If you buy something through one of those links, I might get a small commission, without any extra cost to you. Read more about it here.
2 thoughts on “WordPress Nulled Themes & Plugins – Should You Risk?”
Thanks a lot, I will definitely follow your advice.
Before purchasing theme or plugin I like to test it. Sometimes nulled products are the way to try product before paying and seeing that plugin or theme is not exactly what you need.