TimThumb is a small php script for cropping, zooming and resizing web images (jpg, png, gif). Many WordPress themes and plugins distribute this script. A remote code execution vulnerability was reported in the WebShot feature of this script. This vulnerability was reported in v2.8.13 but previous versions are also vulnerable.

Upgrade to the latest version of timthumb or disable the WebShot feature (if enabled).

• Wordpress TimThumb 2.8.13 WebShot Remote Code Execution (0-day)