HelloARI logo: vinyl signs and identity design home«    web design«    sign design«    photography«    blog«    contact« 
web design and wordpress development 94114
blog»
san frnacisco web design

WordPress Vulnerability in “TimThumb” theme script

By Ari Salomon | Published: August 21, 2011
3 Flares 3 Flares ×

websense offers this graph of the recent “timthumb” security issue. I have certainly had my hands full tracking this bugger down and cleaning it up. This is a good argument for managed WordPress hosting where an expert keeps an eye on these issues for you.

 

8547.chart WordPress Vulnerability in TimThumb theme script

 

via: Vulnerability in TimThumb WordPress Plugins – The Effects – Security Labs.

Read more about how to fix this issue at wpcandy. I found that many themes use the filename “thumb.php” so watch for that.

Note: you MUST delete timthumb or upgrade timthumb ASAP. AND you should still scan your files AND change your passwords. More helpful links:

Best and simplest option: this plugin will clean  your scripts: timthumb-vulnerability-scanner
3 Flares Twitter 1 Facebook 0 Google+ 1 LinkedIn 1 Email -- Email to a friend 3 Flares ×
This entry was posted in WordPress. Bookmark the permalink. Post a comment or leave a trackback: Trackback URL.

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Add this ribbon to your WordPress website re-abolish slavery
3 Flares Twitter 1 Facebook 0 Google+ 1 LinkedIn 1 Email -- Email to a friend 3 Flares ×
© 2013
contact  |  links  |  rss