Scans your wp-content directory for vulnerable instances of timthumb.php, and optionally upgrades them to a safe version.
This plugin does what it says, but only for older exploits and not more recent timthumb security issues. Hopefully the developers can update the plugin or at the very least allow the plugin to be updated by others.
It correctly identified an older version I had running that was creating a vulnerability that was being exploited, and upgraded it in no time. Even gave correct error messages when I had permissions set up incorrectly for it to be able to make the change itself.
As in http://wordpress.org/support/topic/not-recognizing-timthumb-2813-as-latest-version said, it seemed to be broken. Doesn't work anymore. Also the plugin-homepage exist any longer, it's now a paid service instead.
A website I manage for a non-profit was recently hacked. Found out that the theme the company had been using was extremely out of date and unfortunately had this exploit. This plugin found the file and updated it to the newest version! Install, activate, scan, found and update! That easy!
It does what it says on the tin, and does so nicely and seamlessly. If only all WordPress plugins could be like that!
TT update messed up my theme now i got some work ahead of me(exactly what i was trying to avoid doing at this point)
why is there no undo option just in case something goes berserk in the update process or if user changes their mind?
you should warn users that there is no backup and turning back once you patch the files.
it´s really working out
Great tool ! Thank you very much !
Not only useful for those running sites with these scripts, but also for developers and theme makers making use of the script (which despite the bad rep is vary good too!)
No WordPress site should be without this plugin. Too many vulnerable/outdated timthumb scripts still exist in some plugins and themes.
You must log in to submit a review. You can also log in or register using the form near the top of this page.