HelloARI logo: vinyl signs and identity design home«    web design«    sign design«    photography«    blog«    contact« 

web design and wordpress development 94114
blog»
san frnacisco web design

WordPress Vulnerability in “TimThumb” theme script

2 Flares 2 Flares ×

websense offers this graph of the recent “timthumb” security issue. I have certainly had my hands full tracking this bugger down and cleaning it up. This is a good argument for managed WordPress hosting where an expert keeps an eye on these issues for you.

 

timthumb security risks - very real dangers

 

via: Vulnerability in TimThumb WordPress Plugins – The Effects – Security Labs.

Read more about how to fix this issue at wpcandy. I found that many themes use the filename “thumb.php” so watch for that.

Note: you MUST delete timthumb or upgrade timthumb ASAP. AND you should still scan your files AND change your passwords. More helpful links:

Best and simplest option: this plugin will clean  your scripts: timthumb-vulnerability-scanner
2 Flares Twitter 0 Facebook 0 Google+ 1 LinkedIn 1 Email -- 2 Flares ×
This entry was posted in WordPress. Bookmark the permalink. Post a comment or leave a trackback: Trackback URL.

Post a Comment

Your email is never published nor shared. Required fields are marked *

You may use these HTML tags and attributes <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

*
*

 

2 Flares Twitter 0 Facebook 0 Google+ 1 LinkedIn 1 Email -- 2 Flares ×
© 2016
contact  |  links  |  rss