[How to] Decode an Encoded PHP Script in Wordpress Themes

by: - Last updated on: December 17th, 2016

php logo

I adore Wordpress themes! And I like to download and test the themes (free ones) frequently. Few days back I bumped across a plugin – TAC (Theme Authenticity Checker) which checks for any malicious code in the Wordpress themes present in /wp-content/themes folder.

When I ran TAC today, I found that couple of the themes I downloaded yesterday (name withheld) were having some encoded string in the Footer section. TAC projected them as potential threats since some malicious code could have been injected and encoded. The code looked something like this


I started looking out for a tool which can decode this encoded string for me. And I found out this page which can encode as well decode! There is a radio button at the bottom where you need to select the decode option. The output decoded data will be displayed in the same screen within few seconds!

Just replace the encoded code with the decoded one and the theme will continue to work like a charm!

Link: Base-64-encoder-decoder

Mirror: Base-64 decoder

Also try this : OpionatedGeek decoder tool

Weekly Newsletter

Sign up for a specially curated Tech Newsletter.


Leave a Reply

Your email address will not be published.

  1. I have downloaded many themes in various version: word press, HTML. Drupal etc, they were all zip files. I have umzipped them but one theme has come under so many files and I can’t put them together to form the actual site. For the HTML it’s ok. I just go to page and opened it as web page. For the others I am lost. Can anybody help.