HelloARI logo: vinyl signs and identity design web design«    sign design«    blog«    contact«  USE MY IMAGINATION
web design and wordpress development 94114

san frnacisco web design

WordPress Vulnerability in “TimThumb” theme script

websense offers this graph of the recent “timthumb” security issue. I have certainly had my hands full tracking this bugger down and cleaning it up. This is a good argument for managed WordPress hosting where an expert keeps an eye on these issues for you.

 

timthumb security risks - very real dangers

 

via: Vulnerability in TimThumb WordPress Plugins – The Effects – Security Labs.

Read more about how to fix this issue at wpcandy. I found that many themes use the filename “thumb.php” so watch for that.

Note: you MUST delete timthumb or upgrade timthumb ASAP. AND you should still scan your files AND change your passwords. More helpful links:

Best and simplest option: this plugin will clean  your scripts: timthumb-vulnerability-scanner
This entry was posted in WordPress. Bookmark the permalink. Post a comment or leave a trackback: Trackback URL.

Post a Comment

Your email is never published nor shared. Required fields are marked *

You may use these HTML tags and attributes <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

*
*

© 1996 - 2024
contact  |  links  |  rss