WordPress.org

Support

Support » Plugins and Hacks » Hacks » All of my wordpress sites have been hacked

All of my wordpress sites have been hacked

  • All of my websites have been hacked and are now redirecting to foreign websites. I have read that it is most likely caused by my outdated version of the timthumb plugin.

    Does timthumb update when I update wordpress? If not how do I keep it up to date to prevent this from happening?

    Thanks

Viewing 1 replies (of 1 total)
  • catacaustic
    very awesome

    @catacaustic

    Timthumb is not part of the WordPress core. It’s used mostly in themes for image resizing, and it’s been probably the most highly publicised vunerability that’s been found for a very long time.

    There are plugins that can scan for timthumb and help you to update it to the latest scripts, and that might help.

    I’ve had this happen on some of my sites, and even after I removed all of the malicious code, upgraded to the latest version of timthumb and did everything that was recommended to stop this, it kept happening. It only stopped after I completely removed timthumb from the sites. I’d recommend that you don’t use timthumb unless you really have to.

Viewing 1 replies (of 1 total)
  • The topic ‘All of my wordpress sites have been hacked’ is closed to new replies.