Theme Updates Due to TimThumb Vulnerability
Yesterday I found this blog post reporting a security issue in the TimThumb image resizing script used in some of my older themes. Please read this carefully to find out if your theme is affected and how to fix it.
What’s the problem?
In short, the script may allow attackers to place and execute scripts with malicious code on your server.
Is my theme affected?
The following themes still include the TimThumb script. If your theme is among these, please read the rest of this post carefully. If not, there is no need to read further.
How can I fix this?
There are two easy ways to fix this issue. You can either update the theme or just replace the TimThumb script with an updated version. Either way, I strongly recommend updating the script.
Either Update Theme
1. Download the latest version using your download link
2. Deactivate and remove the old version
3. Install the new version
Or Update Script
1. Access your server via FTP and find the following file:
/wp-content/themes/**themename**/lib/scripts/thumb.php
2. Download the (updated) thumb.zip file: http://themeshift.com/files/thumb.zip
3. Unpack the archive
4. Replace the file thumb.php in the above-mentioned folder on your server
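If several themes are installed, the script replacement can be applied to all of them in one pass on the server. The shell function below is an added example, not part of the original post. The function name `replace_thumb` and its backup-directory argument are assumptions, and the backup directory should be outside the web root.

```shell
#!/bin/sh
# Added example: replace each theme's lib/scripts/thumb.php with the updated copy.
# Usage: replace_thumb <wordpress-root> <updated-thumb.php> <backup-dir>
# Prints one line per file found: "replaced <path>" or "current <path>".
replace_thumb() {
    wp_root=$1
    new_file=$2
    backup_dir=$3    # assumption: a directory outside the web root

    [ -f "$new_file" ] || { echo "updated file not found: $new_file" >&2; return 2; }
    [ -d "$backup_dir" ] || { echo "backup dir not found: $backup_dir" >&2; return 2; }

    # Every theme directory is checked, not only the active theme,
    # because the files of inactive themes are still present on the server.
    for old in "$wp_root"/wp-content/themes/*/lib/scripts/thumb.php; do
        [ -f "$old" ] || continue    # the glob matched nothing

        # Already byte-identical to the updated script: nothing to do.
        if cmp -s "$old" "$new_file"; then
            echo "current $old"
            continue
        fi

        # themes/<theme>/lib/scripts/thumb.php -> <theme>
        theme=$(basename "$(dirname "$(dirname "$(dirname "$old")")")")

        # Keep the old script for later review, then overwrite it in place
        # so the file keeps its existing owner and permissions.
        cp -p "$old" "$backup_dir/$theme-thumb.php.orig"
        cp "$new_file" "$old"
        echo "replaced $old"
    done
}

# Run directly when called with the three arguments.
if [ "$#" -eq 3 ]; then
    replace_thumb "$@"
fi
```

Running it a second time should report every file as `current`.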