TheThe Image Slider
Timthumb vulnerability (1 post)

  1. Paul
    Posted 2 years ago #

    I discovered yesterday that my site had been comprised and identified that the hack exploited to do this was the Timthumb vulnerability. I had version 1.1.8 of the TheThe Image Slider but the version of Timthumb used within this was 2.8, not one of the later 'fixed' versions.

    I've now resolved this and I see that the version of timthumb in the current download of Image Slider is 2.8.10. Did you fix this without changing the version number of Image Slider, and therefore triggering a plugin update?

    I suggest that anyone else using TheThe Image Slider checks the version of timthumb.php in their TheThe-Image-Slider plugin directory to check they have version 2.8.2 upwards. There is a plugin to check all your plugins called Timthumb Vulnerability Scanner. This can also be used to fix any problems.


Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic