Free WordPress themes may need cleaning
The Problem: Makers of those free WordPress themes may not be as altruistic as they seem. Many include code in their themes that you don’t know about. That’s not nice. Worse, the secret code is often “obfuscated” so that you can’t read it to see what it does.
The threat could be relatively minor, just increasing the theme maker’s search engine ranking by spreading self-serving link-backs. Or, it could contain malware that does bad things. You don’t want that, of course, so you need a way to check themes before you use them.
The Answer: You need the TAC (Theme Authenticity Checker) plugin for WordPress. It will check the themes you have installed and give you a report… like this screenshot.
As you see, my theme is clean but a static link is reported. The “Details” button reveals the link to be one to an organization that the author wishes to support. That’s fine, and the author makes it clear that leaving the link in place is optional.
If the plugin reveals sneaky stuff you could attempt to remove it and use the theme anyway, but I would advise avoiding the theme altogether.