If you’re worried about the recent TimThumb security vulnerability, but haven’t had a chance to see if you’re affected, identifying and fixing vulnerable instances of TimThumb just got a whole lot easier thanks to a new plugin from Peter Butler.
Now, all you need to do is install and activate this plugin, run the scanner from the new Tools -> Timthumb Scanner section in your Dashboard, and click the Fix button to repair any vulnerabilities that are found.
Thanks for the mention! If anybody has any problems with the plugin, please get in touch with me either on the wp.org forums, or through codegarage.com – I’m happy to help.
Hey James,
Thanks for the post. Peter, thanks for the plugin. I just got an email from my hosting provider a few days ago telling me about this vulnerability. I basically ignored it because I didn’t have time to figure it out until I ran across this article.
Just downloaded the plugin; it found 2 that were OK and 2 that needed to be fixed. Clicked the fix button for both of them, and now they show up as green and OK.
I guess I can go ahead and uninstall the plugin now, correct?
Thanks so much for putting it together.