How do I speak to someone about broken/malicious items on ThemeForest?

Someone needs to seriously do something about the amount of malicious, broken, spam ridden themes there are in here.



I agree - there are several themes for sale on Envato and when I might be browsing some of those themes, straight away either Norton Internet Security or Malwarebytes will jump in preventing me from seeing the theme in question.

As a business Enavto need to carefully review HTML and PHP themes from time to time, because some of the links to those websites where people are selling items VIA and THROUGH the envato platform, have either had their own websites compromised, or the themes are so poor, they have been compromised by hackers.

Envato is working on tidying the files for sale up a bit however this is obviously a long-term process.

Speaking as a big buyer I appreciate the frustration with any broken or corrupt item that someone comes across. However, at the same time with thousands of items which, crucially and unlike most other marketplaces, are not owned, developed, or maintained by Envato it is pretty much an impossible ask to have significant control.

I am certain that Envato would greatly appreciate hearing any (realistic) suggestions anyone has…

To answer the original question, you can share links to problematic items here Envato Market Help and Support


Most themes are littered with junk. One theme I just installed came with 400 spam russian comments with malicious links. Some plugins crash my site. Some plugin dont work at all and you click on the author link it is a 404. Many more other problems too.


I also buy lots of themes and files, but Envato do make huge profits from selling (or being a marketplace for these items) and therefore need to be diligent in checking authors approved submissions from time to time.

Whilst this might take time, it would be really useful if BUYERS had a way of reporting items for sale as showing red flags from security software, or being able to demonstrate that items were clearly not fit for purpose. I would NOT be exaggerating if I said at least 20 to 30 items I have looked at then cause Norton or Malwarebytes to spring into action when viewing their themes.

I would like myself personally a way of FLAGGING AN ITEM for review and being able to submit screenshots of protection software. Malwarebytes and Norton are both respected anti-virus vendors in my opinion, and if they tell me a website is bad, then I’m sorry I will believe them.

1 Like

I agree that the theory is very sensible but the reality is just not feasible.

I agree that Envato should be diligent and they do check items properly when initially reviewing them, but they have no way of knowing if the author then breaks the demo 24 hours later other than to re-check items again and again.

There is also a significant business impact that this would create and a cost that would eventually need to be passed to buyers or authors in one way or another. Again, I appreciate the frustration but at the same time I imagine that the % of items that are genuinely in a bad place is quite limited in the bigger picture of things.

I agree that it would be useful to be able to report issues (which we do a lot and not just errors but people exploiting the network or breaching licenses too). However it has the potential to open a can of worms when in reality probably the minority of users are actually qualified to accurately determine if there really is an issue. If Envato proactively encourage people to raise concerns this would create an explosion of unfounded issues which would create a huge backlog and cost to check.


ffs remove that and just stay away from the porn clicks

there’s nothing malicious about these items

In actual point I do stay away from porn clicks -

I suppose Malwarebytes is garbage too???

One author 4 items and the other has loads of items -
It’s not the buyers fault if some sellers do not safeguard their websites, and not everyone uses any internet security.

Additionally OUTSIDE of the Envato platform I stumble across many website links where sites have been compromised - usually because they use out of date wordpress installs, or stolen scripts that have been tampered with by whoever is offering them for nothing.

yes, that’s even crappier. any “anti” malware/virus software or whatever, is more malware than the ones it removes. if it “detects” more it’s not better

you cannot get a trojan by visiting a page in browser unless you click and execute something. if this was not true, probably just about any computer would have a trojan and internet wouldn’t exists

malware/antivirus software works on affiliate networks and referrals schemes and is crap 100%, this tells you the guy that’s in computers for 35 years

also get some work on your hands instead of chasing infected websites, lol, you can do that for eternity


Thanks for your reply and comments

@123Simples , just a thought, if you want to make sure a zip contains “legit” stuff, I’d recommend Virus Total (not affiliated, but it never let me down). Great to check anything with a zip in it. I’m not affiliated with them, they are 100% free (as far as I know) and I’ve never had issues with them. For the past 5 years, absolutely brilliant tool! :+1:t2:


@Enabled thankyou :slight_smile: :+1:

1 Like

No worries! Cheers mate! :fist_right:t2: :fist_left:t2:

1 Like


Excellent tool and thank you for sharing - best wishes :slight_smile:

1 Like

cannot agree more

Hi @charlie4282, thanks for sharing the above link. i have submitted my ticket on the same link. I recently purchased expeditor wordpress template with full support option. Now when i am trying to configure the theme it seems the widgets options arent as configurable as shared in the documentation. I did raise the ticket on the support website of the developer but i cant submit a ticket as it requires a purchase code validation. When i am using the website support validation it says its used for another purpose can someone help me with this?