[Cialug] wordpress vulnerability in the wild

Matthew Nuzum newz at bearfruit.org
Thu Aug 4 16:14:20 CDT 2011


Check your Wordpress themes for a file called timthumb.php, it can be
exploited to allow people to upload code to your server and hack your
website:
http://markmaunder.com/2011/zero-day-vulnerability-in-many-wordpress-themes/

You may not have the file, it's only included in some add-on themes, it's
not part of Wordpress itself, however it is apparently pretty common.

-- 
Matthew Nuzum
newz2000 on freenode, skype, linkedin and twitter

♫ You're never fully dressed without a smile! ♫
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cialug.org/pipermail/cialug/attachments/20110804/98e9bdbc/attachment.html>


More information about the Cialug mailing list