WordPress TimThumb Vulnerability

TimThumb is a small PHP script for cropping, zooming and resizing web images (jpg, png, gif). It is widely used by many WordPress theme providers to crop, zoom and resize images.


There was a zero-day exploit for WordPress TimThumb 2.8.13 that allowed remote code execution. The vulnerability was in the WebShots function of the TimThumb script. Full disclosure of this vulnerability has already been published. It is highly recommended that you disable the WebShots functionality in your TimThumb. For more details, please refer to the following URLs:


WordPress TimThumb Vulnerability – WebShot Remote Code Execution (0-day)
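
To find which copies of TimThumb on a server still have WebShots switched on, the following added example (not code from the original post or from the TimThumb project) walks a web root and reports each copy's version and WebShots setting. It assumes the `WEBSHOT_ENABLED` and `VERSION` constants are defined the way TimThumb 2.8.x defines them; the function names and the sample tree are hypothetical and constructed for the demonstration.

```python
import os
import re
import tempfile

# define() lines as they appear in TimThumb 2.8.x (assumed source layout).
WEBSHOT_RE = re.compile(r"define\s*\(\s*['\"]WEBSHOT_ENABLED['\"]\s*,\s*(\w+)\s*\)", re.I)
VERSION_RE = re.compile(r"define\s*\(\s*['\"]VERSION['\"]\s*,\s*['\"]([\d.]+)['\"]", re.I)


def inspect_file(path):
    """Return a finding for a PHP file that defines WEBSHOT_ENABLED, else None."""
    with open(path, "r", errors="replace") as fh:
        src = fh.read()
    m = WEBSHOT_RE.search(src)  # PHP keeps the first define() of a constant
    if not m:
        return None
    ver = VERSION_RE.search(src)
    return {"path": path,
            "version": ver.group(1) if ver else None,
            "webshot_enabled": m.group(1).lower() in ("true", "1")}


def scan(root):
    """Walk a web root; match on content because themes rename the script."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(".php"):
                hit = inspect_file(os.path.join(dirpath, name))
                if hit:
                    findings.append(hit)
    return sorted(findings, key=lambda f: f["path"])


def build_sample_tree(root):
    """Constructed sample: two themes bundling TimThumb, one with WebShots on."""
    for rel, flag in {"alpha/timthumb.php": "true", "beta/thumb.php": "false"}.items():
        path = os.path.join(root, "themes", rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("<?php\ndefine ('VERSION', '2.8.13');\n"
                     "if(! defined('WEBSHOT_ENABLED') ) "
                     "define ('WEBSHOT_ENABLED', %s);\n" % flag)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for f in scan(tmp):
            state = "ENABLED, set to false" if f["webshot_enabled"] else "disabled"
            print(f["path"], f["version"], "WebShots", state)
```

On a real site, call `scan()` on the WordPress `wp-content` directory; any file reported with WebShots enabled should have the constant set to `false`.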
