WordPress Hosting Clients Zero Day Exploit Alert!!

This is a public service announcement for all clients hosting WordPress websites. If you use the plugin “TimThumb” which is used in many popular themese, you need to be aware that is has been fund to be  a very vulnerable exploit that will allow hackers to gain control of your WordPress installation.  If you are using the plugin TimThumb.php (or Thumb.php, as I am told it is also called) then you need to replace that file on your blog with the latest version of TimThumb located here (http://timthumb.googlecode.com/svn/trunk/timthumb.php). We have sent an email out to all shared hosting clients, in hopes that our clients catch this bug in time to help prevent any damage to their blogs.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.