Tagged: ,

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #6138

    Hi. Have you updated the timthumb.php script to the latest since the vulnerability was exposed?

    #53008

    Hey,

    you can delete timthumb.php. It’s not required anymore since WP3+. I asked Kriesi to update all themes (basically to upload all theme files without timthumb.php) but it seems like he forgot it…. :-/

    #53009

    Agreed, WP has made it clear no themes should use it anymore. I think Kriesi should really do this to make his themes comply. (here’s a good overview http://www.themelab.com/2011/08/02/timthumb-security-exploit/ )

    #53010

    As far as I know the latest version of timthumb is considered as secure again :) – however nearly all of our themes use the wp resize function. I think only Levitation and Display require Timthumb and both use the new timthumb script version.

    #53011

    Cool. Thanks.

    #53012

    Glad that Dude could help :)

Viewing 6 posts - 1 through 6 (of 6 total)

The topic ‘Timthumb.php’ is closed to new replies.