WordPress Boots Pirated Themes and Plugins

WordPress.org announced that plugins and themes that are pirated versions of paid plugins and themes will be removed from the official WordPress repositories. The WordPress community debated if that approach violated the WordPress Open Source GPL license that allows derivative works to be distributed.

The announcement itself affirmed that premium plugins are developed under the GPL that allows the creation of derivative works. But it also reserved the right to remove the plugins from the official plugin repository.

WordPress Hosts Pirated Themes and Plugins?

Apparently the official WordPress theme and plugin repositories have distributed pirated versions of premium plugins and themes in the past. One developer asserted that WordPress still does.

A developer claimed he had alerted WordPress to plugin privacy and that WordPress had done nothing about it.

“But but… 2 or 3 years ago I alerted you to a plugin which stole code and functions and even ‘word-for-word’ dashboard items from my plugins and you didn’t want to do anything…”

WordPress GPL Open Source

WordPress states that plugins and themes developed for WordPress that contain WordPress code are derivative works. Because of that, those plugins and themes inherit the open source GPL license.

WordPress explains the GPL license like this:

“GPL is an acronym for GNU Public License. It is the standard license WordPress uses for Open Source licensing https://wordpress.org/about/license/.

The GPL is a ‘copyleft’ license https://www.gnu.org/licenses/copyleft.en.html.

This means that derivative work can only be distributed under the same license terms. This is in distinction to permissive free software licenses, of which the BSD license and the MIT License are widely used examples.”

It’s clear that anyone is free to create derivative works based on all plugins and themes that are considered derivative works.

That said, the WordPress.org GNU Public License page acknowledges there may be legal gray areas about what is considered a derivative work.

The WordPress page about the license states:

“There is some legal grey area regarding what is considered a derivative work, but we feel strongly that plugins and themes are derivative work and thus inherit the GPL license.”

Pirated Plugins Prohibited from WordPress Repositories

WordPress.org maintains a directory of free plugins and themes that are available for download. The directory is called a repository. For example, the directory where themes can be downloaded is called “the official WordPress.org theme repository.”

There is an approval process that must be undergone before getting listed in the repositories. But once a theme or plugin is approved they are entered into the WordPress ecosystem and are available to all WordPress publishers for free.

Pirated Software Prohibited on WordPress.org

The announcement said:

“Taking someone’s pay-for code and re-releasing it as free-of-charge is considered to be piracy and is not welcome here.

It doesn’t matter if the code is GPL, it matters than you’re stealing the opportunity of the original developers to make a living, and we feel that is detrimental to the community.

In addition, it’s often in violation of the terms you agreed to when you downloaded the plugin from the developer in the first place.

By you doing that, and rehosting here, you put the entire directory in peril. Arguably we become responsible for your actions. As such, we do not permit plugins that are sold off WordPress.org to be re-hosted here.”

WordPress Community Feedback

The community was largely supportive of the intent behind forbidding pirated premium plugin and theme clones. Yet there was still some unease about whether pirated software might be legal and if perhaps WordPress.org was overstepping by prohibiting the cloned software.

One commenter wrote:

“I think the wording of the post is problematic, whilst I generally agree with the sentiment, its references to the GNU GPL v2 and the use of the term “piracy” (no ship or boat borne attackers were involved) and “stole” (no one lost anything they were entitled to) when people are exercising a right outlined in the WordPress project’s own philosophy.

…WordPress is distributed under the GNU GPLv2, the WordPress project itself asserts that plugins and modules are “derivative works”. The GNU GPLv2 explicitly excludes additional terms being applied to the distribution of source code.

…The WordPress Projects philosophy specifically supports redistribution without needing to ask permission from its creators.”

Another person asserted that piracy of premium plugins and themes still constitute copyright infringement.

“Open source licenses do not supersede copyright. The original author(s) still has that and if someone misrepresents the code as their own, while it is ripped off – or politely put “forked” – from someone else’s code, they *are* violating the author’s copyright.”

The person who published the official announcement asserted that the activity WordPress is banning is indeed a violation of copyright.

She posted:

“These aren’t people forking and changing code, these are literally people making a copy, where the only changes are to hide who they took the code from. No new features, nothing.”

Beware of Pirated Plugins and Themes

Some plugins cost hundreds of dollars per year because it takes teams of people to develop it. Using such software deprives those people of earnings.

It’s tempting to download a free WordPress theme or plugin that is exactly the same as a premium version that can cost a hundred dollars or more.

Yet it’s important to be aware that pirated software can also contain backdoors and programs designed to take over a website.

Overall it may be a good idea for the entire WordPress community, from software developers to the publishers who rely on WordPress that rogue software thieves are not allowed to distribute their pirated plugins and themes from the official WordPress repositories.


Read the official WordPress Announcement:

Reminder: Forked Premium Plugins Are Not Permitted