Cherry Framework – An Open-Source, Free, and Independent Theme Development Toolkit 

In January 2022, the WordPress content management system (CMS) powered about 39.6% of all websites in the world. This is indicative of the popularity of WordPress CMS, and this (popularity) can be attributed to 3 factors: WordPress CMS is free and open-source, it provides a huge repository of themes and plugins, and its themes can be customized (and developers can build new themes from scratch). The ability to develop new WordPress themes quickly and efficiently is possible due to existence of unique code libraries called frameworks. This post focuses on the Cherry Framework.

What is Cherry Framework?

To understand what Cherry Framework is, one must know what a WordPress Framework is, and how it relates to WordPress themes.

As mentioned, WordPress is a CMS software, and this software needs to have a front-end graphical user interface (UI) that allows visitors to interact with the information presented by this CMS in form of a webpage. This front-end graphical UI is provided by a WordPress theme.

The WordPress theme can be developed from scratch, or one can use pre-coded code libraries to quickly build a new theme. The developers of these pre-coded libraries can decide to either use their libraries for in-house theme development, or release the code libraries to the public so that anyone can use them to develop their own themes. If used for in-house theme development, these code libraries are called in-house frameworks e.g the Zoom Framework and Tesla Framework, while those libraries that have been released to the public are called independent frameworks e.g Genesis Framework that is developed by StudioPress of WPEngine, Incorporated., and the Cherry Framework that is developed by TemplateMonsters of Theme Technologies LLC.

Cherry Framework can now be described accurately as an independent framework used to develop WordPress themes, hence it can be called a theme framework. Also, like WordPressCMS, this framework is free and open source, which makes it ideal for developers who want to use an open-source framework to develop free (and sometimes open-source) WordPress themes.

Cherry theme framework provides the parent-child theme architecture out-of-the-box. As mentioned, any developer can build an entirely new theme using this framework. This theme can allow for customizations that enable styling of the website’s UI including site layout, typography, and color scheme, thereby allowing the user to design a custom theme from the original theme. Even so, there is a risk that when one upgrades the theme, then all the design customizations will be lost and the customized theme will revert back to the default design of the original theme. To avoid this, the parent-child theme architecture was introduced.

Parent-Child Theme Architecture

In this architecture, the original theme is the parent theme, and it serves as the base theme that the website designer can customize and create the customized theme. As expected, this customized theme inherits all the functions and codebase of the parent theme, and for this reason, it is called the child theme. Cherry Framework allows the developer to add more codes in the child theme, including new cascading style sheets and codes to extend functionality of the theme, and thus the child theme can have more lines of code (LoC) as compared to the parent theme, but during theme updates, only the LoC of the parent theme are updated thus ensuring that the child theme maintains its design consistency and extended functionality.

So how does Cherry Framework realize this parent-child architecture? The answer lies in its directory management system. In the file manager, the child theme and its parent theme are 2 different folders so that changes made in the child theme do not affect the files in the parent theme. This way, if the child theme is corrupted, the parent theme remains untouched and can be updated normally. This ensures that errors made in the codebase of the child theme are not carried over to the parent theme, thus creating error tolerance during theme development because the faulty child theme can be discarded and a new child theme built from the error-free parent theme.

As a Toolkit

Cherry Framework is sometimes described as a toolkit for theme development. As mentioned, it comes equipped with code libraries that integrate well with the core WordPress CMS code. Among these code libraries are self-contained WordPress tools such as fully-fledged widgets, custom post types (e.g testimonials, info boxes, and FAQ sections), and the unique Cherry Shorcodes. It is these tools that allows developers to quickly and easily build unique WordPress themes using this framework. This collection of tools is called a toolkit, hence the description of this framework as a standalone theme development toolkit.

Cherry Shortcodes

A shortcode is any piece of code with very low LoC (usually 1 LoC) that is used to execute a large code (with higher LoC). This shortcode can be executed in areas of the WordPress CMS that are dedicated to text e.g the post/page/text editor and widget area.

The shortcode is written to only work with the installed theme framework, theme, or plugin, i.e the shortcode is fastidious to its theme framework or plugin.

Cherry Framework comes with a rich repository of shortcodes. As expected, one cannot use any of these shortcodes in a different theme framework, e.g one cannot use the Cherry shortcode in the Genesis framework. These shortcodes also make the framework to be niche-specific e.g the Cherry Framework is best suited for building e-commerce websites for small businesses, though a good developer can use this framework to build a good WordPress theme for any niche.

Cherry Theme

TemplateMonsters have used the Cherry Framework to build a unique theme called the Cherry Theme. Unlike the open-source Cherry Framework, this WordPress theme is proprietary and rights to its source codes are owned by Theme Technologies LLC.

To install Cherry theme in a self-hosted WordPress website, one must install and activate the Cherry Plugin from the plugin repository. This form of theme installment is similar to how one installs the Material theme (provided by Google) which is not found in the theme repository in WordPress.org, but it can be installed if one installs the Material plugin which then allows one to install the Material theme.

A Word about Vulnerability

Normally, any vulnerability in a WordPress framework is carried over into the themes created using it, unless the theme developer noticed the vulnerability and patched it. This is the case with Cherry Framework which was found in 2016 to have access control and input validation vulnerabilities that could allow a malicious visitor (i.e a hacker) to a vulnerable website to upload files that contain executable malicious code. This way, the hacker could remotely execute the code and gain unauthorized access to the backend of the website. This vulnerabilities were located in the upload.php file of the framework, and they were patched in 2016.

Vulnerability patches in the framework and its themes highlight the importance of updating WordPress themes when security updates are released. For instance, if users of themes made using Cherry framework do not update their themes when updates are released, they expose their websites to hacking.

In 2018, another vulnerability was discovered that could allow anyone to download the backup file of a website as long as (s)he knows the directory path to the WP-content/themes directory (that is stored in the server). This vulnerability was quickly patched, and relevant websites that updated their themes were secured by the security patches.

In conclusion, website owners, website administrators, and theme developers who build and use themes based on the Cherry Framework should ensure that their themes are always up-to-date, especially in terms of security patches.