I'm sorry if this one has been beaten to death but I can;t find specific information on fixing this issue in the display theme. I have installed and customized Display v 2.0.3 and upon launch have seen warnings regarding the 2.8.10 version of timthumb.php file. Do you have a fix for this? I believe Display uses timthumb quite a bit right?
Timthumb Exploit Display V2.0.3
6 posts from 3 voices- Started 1 year ago by timothyrobb
- Latest reply from Dude
- This topic is closed
- This topic is resolved
-
Hi,
Version 2.0.3 of Display comes with the updated timthumb.php file so as long you're running 2.0.3 you're in the clear. In the future if more updates need to be made all you'll need to do is download the updated version of Display from ThemeForest.
Regards,
MyaPosted 1 year ago # -
timothyrobb
MemberThanks Mya, however I am using v2.0.3 and the warnings are going off all over the place. I just downloaded the latest version off themforest and looked at the Timthumb.php file. It has the same version, 2.8 that I have now. Has a modify date of 8/25/11. Are you saying this is an updated version and I should ignore the script warnings? I do see his latest is 2.8.10 and there have been quite a few revised versions since 2.8 that is in the theme now. http://timthumb.googlecode.com/svn/trunk/timthumb.php
Posted 1 year ago # -
Hi!
Yes. Timthumb 2.x is actually a complete new script. It was created by a new author: http://markmaunder.com/2011/08/05/wordthumb-is-now-timthumb-2-0/ who took care of the security issues in timthumb 1.x.
Best regards,
PeterPosted 1 year ago # -
timothyrobb
MemberOK, then. Just an FYI that a variety of the malicious script tools are identifying this as compromised because he's also issued a variety of fixes to that. 2.8 is a few revs ago and exploits were found in those too. I updated to 2.8.10 and there seems to be no issue with functionality....yet.
Posted 1 year ago #
Topic Closed
This topic has been closed to new replies.
Create a new thread and tell me what problems you are encountering and what you want to know. 
There is no step 3 :) 
