Description:
There are certain categories of plugins that are not accepted in the WordPress.org repository due to their inherent nature, as they pose security risks or do not align with the Plugin Guidelines.
While some of these restrictions are implicitly covered in the guidelines, they are not always clear to plugin authors during submission. Creating a dedicated section would help reduce confusion and improve the submission process.
Currently identified categories include:
- File and system management tools
- Database managers
- Plugin installers / dependency installers
- Plugins that pull and execute code from external sources
- External code loaders / sync tools
- CSS/JS/PHP code editors
- Scraping / content extraction plugins (case by case, but often rejected)
- Storefront / theme-like plugins
- Plugins with no real user-facing functionality (Ex. Only display developer info or add trivial/non-useful output, Are too specific for a single use case )
- Demo / placeholder plugins
- Plugins with no functionality at all
These types of plugins typically allow direct file or database manipulation, which can introduce significant security risks or bypass WordPress capabilities and permissions.
Questions:
- Should we expand this list with additional categories?
- Where would be the best place to include this section for better visibility?
(e.g., Plugin Guidelines, Developer Handbook, submission page)
Suggestion:
A dedicated section such as “Disallowed Plugin Categories” could be added to the Plugin Guidelines or prominently referenced during the submission process.
Description:
There are certain categories of plugins that are not accepted in the WordPress.org repository due to their inherent nature, as they pose security risks or do not align with the Plugin Guidelines.
While some of these restrictions are implicitly covered in the guidelines, they are not always clear to plugin authors during submission. Creating a dedicated section would help reduce confusion and improve the submission process.
Currently identified categories include:
These types of plugins typically allow direct file or database manipulation, which can introduce significant security risks or bypass WordPress capabilities and permissions.
Questions:
(e.g., Plugin Guidelines, Developer Handbook, submission page)
Suggestion:
A dedicated section such as “Disallowed Plugin Categories” could be added to the Plugin Guidelines or prominently referenced during the submission process.