WordPress.org

Ready to get started?Download WordPress

Forums

WP Mobile Detector Mobile Plugin
[Plugin: WP Mobile Detector] close timthumb.php backdoor (2 posts)

  1. petercasier
    Member
    Posted 2 years ago #

    I can see the newest WP Mobile Detector plugin has the newest timthumb.php but I strongly suggest to change the line:

    define ('ALLOW_EXTERNAL', TRUE);

    to

    define ('ALLOW_EXTERNAL', false);

    so no external sites can upload malicious code.

    Peter

    http://wordpress.org/extend/plugins/wp-mobile-detector/

  2. websitezcom
    Member
    Plugin Author

    Posted 2 years ago #

    Unfortunately that would mean that any linked images from remote sites would not work.

    The latest version of the Timthumb.php script does proper validation to prevent malicious intent.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic