WordPress.org

Ready to get started?Download WordPress

Forums

TheThe Image Slider
Timthumb vulnerability (1 post)

  1. Paul
    Member
    Posted 1 year ago #

    I discovered yesterday that my site had been comprised and identified that the hack exploited to do this was the Timthumb vulnerability. I had version 1.1.8 of the TheThe Image Slider but the version of Timthumb used within this was 2.8, not one of the later 'fixed' versions.

    I've now resolved this and I see that the version of timthumb in the current download of Image Slider is 2.8.10. Did you fix this without changing the version number of Image Slider, and therefore triggering a plugin update?

    I suggest that anyone else using TheThe Image Slider checks the version of timthumb.php in their TheThe-Image-Slider plugin directory to check they have version 2.8.2 upwards. There is a plugin to check all your plugins called Timthumb Vulnerability Scanner. This can also be used to fix any problems.

    http://wordpress.org/extend/plugins/thethe-image-slider/

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic