WordPress TimThumb Vulnerability – WebShot Remote Code Execution (0-day)

TimThumb is a small PHP script for cropping, zooming and resizing web images (jpg, png, gif). It is widely used by many WordPress theme providers to crop, zoom and resize images.

There was a zero-day exploit in WordPress TimThumb 2.8.13 that allowed remote code execution. The vulnerability was present in the WebShots function of the TimThumb script. Full disclosure of this vulnerability was already available. It is highly recommended that you disable the WebShots functionality in your TimThumb. For more details, please refer to the following URLs:
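
One way to check an installation against the recommendation above, as an added example that is not from the original post or the TimThumb project: the script walks a directory and reports PHP files that set TimThumb's `WEBSHOT_ENABLED` constant to true, ignoring commented-out lines. The function names and the sample files are constructed for illustration.

```python
import os
import re
import tempfile

# define('WEBSHOT_ENABLED', <value>) with any spacing, quoting or letter case.
DEFINE_RE = re.compile(
    r"define\s*\(\s*['\"]WEBSHOT_ENABLED['\"]\s*,\s*(\w+)\s*\)", re.IGNORECASE)
# Rough PHP comment stripper so a commented-out define is not reported.
COMMENT_RE = re.compile(r"/\*.*?\*/|(?://|#)[^\n]*", re.DOTALL)

def webshot_enabled(php_source):
    """Return True if any live define() turns WebShots on."""
    code = COMMENT_RE.sub("", php_source)
    return any(m.group(1).lower() in ("true", "1")
               for m in DEFINE_RE.finditer(code))

def audit(root):
    """Return sorted paths of .php files under root that enable WebShots."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(".php"):
                path = os.path.join(dirpath, name)
                with open(path, encoding="utf-8", errors="replace") as fh:
                    if webshot_enabled(fh.read()):
                        hits.append(path)
    return sorted(hits)

# Constructed sample files (not real theme code) for a dry run.
SAMPLES = {
    "themes/a/timthumb.php":
        "<?php\nif(! defined('WEBSHOT_ENABLED') ) define ('WEBSHOT_ENABLED', true);\n",
    "themes/b/thumb.php": "<?php\ndefine( \"WEBSHOT_ENABLED\", false );\n",
    "themes/c/timthumb-config.php":
        "<?php\n// define('WEBSHOT_ENABLED', true);\ndefine('WEBSHOT_ENABLED', false);\n",
}

def build_sample_tree(root):
    for rel, body in SAMPLES.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for hit in audit(tmp):
            print("WebShots enabled:", os.path.relpath(hit, tmp))
```

Point `audit()` at a `wp-content` directory; every file it reports should have the constant changed to `false`.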


