Bob
09-16-2011, 09:22 AM
As originally posted by Kitchin there is an issue with some WordPress themes as a result of a timthumb.php file vulnerability.
http://www.aota.net/forums/showthread.php?t=26036
Additional information may be located in the following links:
http://ma.tt/2011/08/the-timthumb-saga/
http://markmaunder.com/2011/08/01/zero-day-vulnerability-in-many-wordpress-themes/
There has now been a "Timthumb Vulnerability Scanner" developed and information regarding this may be viewed here:
http://wordpress.org/extend/plugins/timthumb-vulnerability-scanner/
FutureQuest strongly recommends that all Site Owners running WordPress review the above links to determine if their sites may be vulnerable and if so to take the appropriate action.
-Bob
http://www.aota.net/forums/showthread.php?t=26036
Additional information may be located in the following links:
http://ma.tt/2011/08/the-timthumb-saga/
http://markmaunder.com/2011/08/01/zero-day-vulnerability-in-many-wordpress-themes/
There has now been a "Timthumb Vulnerability Scanner" developed and information regarding this may be viewed here:
http://wordpress.org/extend/plugins/timthumb-vulnerability-scanner/
FutureQuest strongly recommends that all Site Owners running WordPress review the above links to determine if their sites may be vulnerable and if so to take the appropriate action.
-Bob