Important Wordpress Vulnerability with TimThumb plugin (version 2.8.13)

Discussion in 'News and Announcements' started by leafypiggy, Jun 25, 2014.

Thread Status:
Not open for further replies.
  1. leafypiggy

    leafypiggy Manager of Pens and Office Supplies Staff Member

    Messages:
    3,819
    Likes Received:
    163
    Trophy Points:
    63
    A vulnerability to the TimThumb Wordpress Plugin has been released today. TimThumb is a small php script for cropping, zooming and resizing web images (jpg, png, gif). Perfect for use on blogs and other applications. Developed for use in the WordPress theme Mimbo Pro, and since used in many other WordPress themes.

    We advise you to make sure that all plugins that are in use on your Wordpress websites are up to date, and to also make sure Wordpress Core is updated as well.

    The full disclosure article (if you'd like to read more) is located at http://seclists.org/fulldisclosure/2014/Jun/117
     
    Last edited: Jun 25, 2014
    • Like Like x 1
    • Informative Informative x 1
Thread Status:
Not open for further replies.

Share This Page