Cherry Framework Theme Development Toolkit for WordPress 

In January 2022, the WordPress content management system (CMS) powered about 39.6% of all websites worldwide. This is indicative of the popularity of WordPress CMS, and this (popularity) can be attributed to 3 factors: WordPress CMS is free and open-source, it provides a vast repository of themes and plugins, and its themes can be customized (and developers can build new themes from scratch). Developing new WordPress themes quickly and efficiently is possible due to unique code libraries called frameworks. This post focuses on the Cherry Framework.

What is Cherry Framework?

To understand Cherry Framework, one must know what a WordPress Framework is and how it relates to WordPress themes.

As mentioned, WordPress is a CMS software. This software needs a front-end graphical user interface (UI) that allows visitors to interact with the information presented by this CMS on a webpage. A WordPress theme provides this UI.

The WordPress theme can be developed from scratch or use pre-coded code libraries to build a new theme quickly. The developers of these pre-coded libraries can either use their libraries for in-house theme development or release the code libraries to the public so that anyone can use them to develop their themes. If used for in-house theme development, these code libraries are called in-house frameworks, e.g., the Zoom and Tesla Framework. In contrast, those libraries released to the public are called independent frameworks, e.g., Genesis Framework that StudioPress of WPEngine, Incorporated develops., and the Cherry Framework that TemplateMonsters of Theme Technologies LLC creates.

Cherry Framework can now be described accurately as an independent framework used to develop WordPress themes; hence, it can be called a theme framework. Like WordPressCMS, this framework is free and open source, which makes it ideal for developers who want to use an open-source framework to develop free (and sometimes open-source) WordPress themes.

Cherry theme framework provides an out-of-the-box, parent-child theme architecture. As mentioned, any developer can build an entirely new theme using this framework. This theme can allow for customizations that enable styling of the website’s UI, including site layout, typography, and color scheme, allowing the user to design a custom theme from the original theme. Even so, there is a risk that when one upgrades the theme, all the design customizations will be lost, and the customized theme will revert to the default design of the original theme. To avoid this, the parent-child theme architecture was introduced.

Parent-Child Theme Architecture

In this architecture, the original theme is the parent theme, and it serves as the base theme that the website designer can customize and create a personalized theme. As expected, this customized theme inherits all the functions and codebase of the parent theme, which is called the child theme. Cherry Framework allows the developer to add more codes to the child theme, including new cascading style sheets and codes to extend the theme’s functionality. Thus, the child theme can have more lines of code (LoC) than the parent theme. Still, during theme updates, only the LoC of the parent theme is updated, thus ensuring that the child theme maintains its design consistency and extended functionality.

So, how does Cherry Framework realize this parent-child architecture? The answer lies in its directory management system. In the file manager, the child theme and its parent theme are two different folders so that changes made in the child theme do not affect the files in the parent theme. This way, if the child theme is corrupted, the parent theme remains untouched and can usually be updated. This ensures that errors made in the codebase of the child theme are not carried over to the parent theme, thus creating error tolerance during theme development because the faulty child theme can be discarded and a new child theme built from the error-free parent theme.

As a Toolkit

Cherry Framework is sometimes described as a toolkit for theme development. As mentioned, it has code libraries that integrate well with the core WordPress CMS code. These code libraries contain self-contained WordPress tools such as fully-fledged widgets, custom post types (e.g., testimonials, info boxes, and FAQ sections), and the unique Cherry Shortcodes. These tools allow developers to quickly and easily build unique WordPress themes using this framework. This collection of tools is called a toolkit, hence the description of this framework as a standalone theme development toolkit.

Cherry Shortcodes

A shortcode is any code with a very low LoC (usually 1 LoC) used to execute a large code (with a higher LoC). This shortcode can be executed in WordPress CMS and is dedicated to text, e.g., the post/page/text editor and widget area.

The shortcode is written to only work with the installed theme framework, theme, or plugin, i.e., it is fastidious to its theme framework or plugin.

Cherry Framework comes with a rich repository of shortcodes. As expected, one cannot use any of these shortcodes in a different theme framework, e.g., the Cherry shortcode cannot be used in the Genesis framework. These shortcodes also make the framework niche-specific. For example, the Cherry Framework is best suited for building e-commerce websites for small businesses, though a good developer can use this framework to build a good WordPress theme for any niche.

Cherry Theme

TemplateMonsters has used the Cherry Framework to build a unique theme called the Cherry Theme. Unlike the open-source Cherry Framework, this WordPress theme is proprietary, and Theme Technologies LLC owns the rights to its source codes.

To install the Cherry theme in a self-hosted WordPress website, one must install and activate the Cherry Plugin from the plugin repository. This form of theme installation is similar to how one installs the Material theme (provided by Google), which is not found in the theme repository in WordPress.org, but it can be installed if one installs the Material plugin, which then allows one to install the Material theme.

A Word about Vulnerability

Usually, any vulnerability in a WordPress framework is carried over into the themes created using it unless the developer notices the vulnerability and patches it. This is the case with Cherry Framework which was found in 2016 to have access control and input validation vulnerabilities that could allow a malicious visitor (i.e a hacker) to a vulnerable website to upload files that contain executable malicious code. This way, the hacker could remotely execute the code and gain unauthorized access to the website’s backend. This vulnerabilities were located in the upload.php file of the framework, and they were patched in 2016.

Vulnerability patches in the framework and its themes highlight the importance of updating WordPress themes when security updates are released. For instance, if users of themes made using the Cherry framework do not update their themes when updates are released, they expose their websites to hacking.

In 2018, another vulnerability was discovered that could allow anyone to download a website’s backup file as long as (s)he knows the directory path to the WP-content/themes directory (which is stored on the server). This vulnerability was quickly patched, and the security patches secured relevant websites that updated their themes.

In conclusion, website owners, administrators, and theme developers who build and use themes based on the Cherry Framework should ensure that their themes are always up-to-date, especially regarding security patches.