timthumb.php remote code execution

  • An image resizing utility named timthumb is widely used by many WordPress themes and plugins. Some versions of this utility contain a security vulnerability that allows hackers to upload and execute arbitrary PHP code in your timthumb cache directory. Acunetix identified that your blog contains a vulnerable version of this utility. It's recommended to immediately upgrade to the latest version.
  • Upgrade to the latest version of timthumb.php. Version 1.34 is the first version that contains the fixed code.