Securityfocus is designed to facilitate discussion on computer security related topics, create computer security awareness, and to provide the internets largest and most comprehensive database of. Apr 06, 2008 timthumb is a small simple script that crops, zooms and resizes images for your wordpress blog or other application. Always update wordpress, wordpress fixes vulnerabilities and the older your version is the more susceptible you are to getting hacked. This morning we were made aware of a security flaw within the timthumb image resizing script, which is utilized in our themes for dynamic image resizing. However, you have to check whether your timthumb file does not have this option enabled to prevent it from being misused. If a website named had the slider revolution installed plugin versions 4. We wrote a post about it, describing the reasons for stopping using timthumb and the alternatives available, please read that for more information. Securityfocus is designed to facilitate discussion on computer security related topics, create computer security awareness, and to provide the internets largest and most comprehensive database of computer security knowledge and resources to the public. The custom image resize script was created for the mimbo pro theme and is now be. My intention is to have an updated repo which works with composer on all my known lamp server configurations because the only timthumb repo on packagist is out of date 2.
Therefore this vulnerability may also exist in your wordpress theme or a thesis theme. And its a lot easier to download a second copy or your files then rebuild. For people who have followed this article how to auto generate thumbnail in thesis theme without plugin, i strongly. Wordpress blogs via the timthumb vulnerability stickman ventures blog. Upload the timthumb to this folder and make sure you name your timthumb file as thumb. Caching thumbnails generated by timthumb events manager for.
Youre using a nonwordpress script to generate a nonwordpress file cache, and hitting a nonwordpress host file limit. Recently, lot of wordpress themes and plugins are open to the vulnerability found in the older version of timthumb script that has been used by most of the popular themes and plugin. If you have any theme, even if it is inactive, that contains the timthumb. Look for a file in your wordpress themes folder called timthumb. Caching thumbnails generated by timthumb events manager. Jun 26, 2014 fortunately, the timthumb coders have now included a fix, so if you are a user of timthumb on wordpress, you can do either or both of these.
In this way, the hacker could download any file from the websites server remotely. Timthumb plugin zeroday found, wordpress websites at risk. The site uses the centitia theme which has a couple of images on the front. I would suggest deleting all of the themes that you are not using in addition to. Tim thumb is now an open source project and available for download.
Timthumb is the most popular image resizing script used in many wordpress themes and plugins. Timthumb is included in a lot of wordpress plugins and themes free and paid. Wordpress plugin category list portfolio page timthumb. There was code in place that restricted the downloads to a whitelist of clean sites, but it wasnt strict enough and so a hole was found that could inject php onto your server. Aug 29, 2019 timthumb was a simple php script used for resizing images.
It is also widely used in other wordpress themes and plugins. To accomplish this, the script checked the header of the file and identified whether the url matched. Timthumb is a small simple script that crops, zooms and resizes images for your wordpress blog or other application. As wordpress theme developers, we might create a theme or themes that require images to be of a certain specific size dimensions. Mar 15, 2012 this is a file that you can add to the same directory as timthumb. If using another wordpress theme, then find the timthumb. Wordpress themes arbitrary file download timthumbconfig. In this way the script will serve to dynamically resize images. Since these types of get requests can be easily modified to download arbitrary files from the internet, the developer attempted to ensure that no files could be erroneously downloaded.
Download the timthumb vulnerability scanner in your wordpress plugins and upgrade. It functions by calling the timthumb php script file, with image dimensions specified at the end. Problem with timthumb on wordpress website building. Feb 05, 2020 this file doesnt have any encryption so anyone can read it just as youre reading this article.
A large number of popular wordpress themes and plugins used this script. Hackers use automated bots to trawl sites looking for timthumb. For people who have followed this article how to auto generate thumbnail in thesis theme without plugin, i strongly recommend you to update timthumb. Download timthumb vulnerability scanner from plugin repository and use it to scan your site for tim thumb vulnerability. The site uses the centitia theme which has a couple of images on the front page controlled and resized by timthumb. This security vulnerability allowed anyone to upload. If you have a server running several wordpress blogs, like us, here is a way to fix all the exploits. Download timthumb vulnerability scanner from plugin repository and use it to scan your site for tim thumb. Timthumb cache directory issue wordpress development. Aug 03, 2011 this morning we were made aware of a security flaw within the timthumb image resizing script, which is utilized in our themes for dynamic image resizing. This security vulnerability allowed anyone to upload any php file into the timthumb cache directory and execute it to compromise the site. To show you how remote attackers can download a file, weve illustrated an example.
Jan, 2012 always have the latest up to date version of wordpress, themes and plugins. Download wordpress today, and get started on creating your website with one of the most powerful, popular, and customizable platforms in the world. Scans your wpcontent directory for vulnerable instances of timthumb. Try to have timthumb cache 9000 images using a different cms, and youll have the identical problem, with the identical nonwordpressrelated solution. Check your website to see if any theme or plugin even inactive ones use timthumb. Back in 2011, a vulnerability in this script was discovered which allowed attackers to upload php files to websites using timthumb. This is a file that you can add to the same directory as timthumb. Timthumb with relative path for wordpress themes github.
By hosting a malicious gif file with php code appended to the end on an attacker controlled domain such as. Timthumb vulnerability found in lot of wordpress themes. According to a post on the full disclosure mailing list, a zeroday remote code execution vulnerability has been found in the webshot feature of the latest shipping version of timthumb 2. My intention is to have an updated repo which works with composer on all my known lamp server configurations. Timthumb vulnerability affects wordpress plugins and themes. The vulnerability was first reported by mark maunder in a post on his blog, and has been confirmed by the author of timthumb. Jun 26, 2014 the timthumb code is used on many wordpress blogs because of its ability to easily resize images something that is useful for many website themes. The following wordpress plugins reuse a vulnerable version of the timthumb. They could also upload a php file and use this to exploit author privileges and gain admin access. Jun 25, 2014 the good news is that timthumb comes with the webshot option disabled by default, so just a few timthumb installations are vulnerable. Timthumb php image resizer please check the timthumb technical support price list for help with getting timthumb to work on your server. If not try to make the cache folder writable chmode 777.
Wordpress plugin category list portfolio page is prone to a vulnerability that lets attackers upload arbitrary files because of a bundled vulnerable version of timthumb. Nettantra designers and developers work relentlessly to bring code to life so that wordpress users dont have to do the hard work. The vulnerability was discovered in august 2011, and the file was immediately patched to prevent these attacks. This will save you having to reedit these variables everytime you download. This function pulls timthumb into wordpress and is a easy. Hi all, spent ages moving a wp site from a linuxapache host to a windowsiis host, its all working except one thing. Wordpress timthumb script premium wordpress themes.
In wordpress, many developers offers image resizing technique, such as matthew ruddy who creating wordpress timthumb alternative, you can download its script from github. The timthumb code is used on many wordpress blogs because of its ability to easily resize images something that is useful for many website themes. If you downloaded your theme a long time ago, you will need to download and upload a new timthumb. The file is a php file and so should contain php code i will add a small example at the bottom of this page. There was a recent exploit found in a common file used to generate thumbnails. An attacker can exploit this vulnerability to upload arbitrary php code and run it in the context of the webserver process. Try to have timthumb cache 9000 images using a different cms, and youll have the. If you have a server running several wordpress blogs, like us, here is. First download the latest version of timthumb from this link. For professional support, you can get in touch with the nettantra team at. The exploit that was found was a bug with the external image resize functionality and the fact it could be used to download and execute files.
Fortunately, the timthumb coders have now included a fix, so if you are a user of timthumb on wordpress, you can do either or both of these. The timthumb vulnerability came from the ability to use images from external, untrusted sources. Exploiting this vulnerability an attacker can upload and excute a php file of his choice on a vulnerable website. A new wordpressbased timthumb alternative wp mayor. Please check the timthumb technical support price list for help with getting timthumb to work on your server timthumb is a simple, flexible, php script that resizes images. Aug 02, 2011 yesterday we learned of a vulnerability in a popular image resizing library called timthumb, which is used in many wordpress themes and plugins. Timthumb is a simple, flexible, php script that resizes images. Yesterday we learned of a vulnerability in a popular image resizing library called timthumb, which is used in many wordpress themes and plugins. Timthumb was a simple php script used for resizing images.
How to fix and cleanup the timthumb hack in wordpress. Using timthumb with custom urls for site optimization. Only a select few trusted sources were supposed to be allowed. Timthumb cache directory issue wordpress development stack. Timthumb vulnerability renders many wordpress sites blocked. How to fix and cleanup the timthumb hack in wordpress may, 2019 so if you remember correctly, there was a security issue with the timthumb script in august which was fixed. This item was published on and sold by author vamtam. Always have the latest up to date version of wordpress, themes and plugins. Timthumb vulnerability renders many wordpress sites. The good news is that timthumb comes with the webshot option disabled by default, so just a few timthumb installations are vulnerable. You give it a bunch of parameters, and it spits out a thumbnail image that you can display on your site. Protect your wordpress website from being hacked by timthumb.
463 1315 826 767 342 573 1339 28 999 1129 1144 1337 1277 1250 14 1217 782 888 810 1324 262 206 1267 1403 630 1473 150 1017 154 1431 474 1249 1242 1358 869 185 173 883 533 633 595 994 867 221