As Modwest hosting supports WordPress installs, we wanted to make you aware of a timthumb.php vulnerability that affects both themes and plug-ins which utilize the timthumb.php script. The vulnerability lies in a coding error that allows would-be attackers to backdoor malicious .php scripts while masquerading them as benign thumbnails.
According to articles I read, the original blog about this issue was posted on August 3, 2011 at ++Zen Blog. Here's an up-to-date list from Sucuri Research Blog (August 17, 2011) of plug-ins and themes being scanned by attackers.
If you utilize these products, mimize the risk of being exploited by acting promptly.
Subscribe to this blog's feed
Thanks for the warning, Modwest. Your support is appreciated and will pay off. I can recall a recent client that had their WordPress site break on another host. That host "does not support WordPress on their system." Needless to say, their website is now hosted at Modwest.
Posted by: Tony Ferrini | August 24, 2011 at 03:34 PM
Thanks for this informative post! I really appreciated this :)
cafe24 extension installation
Posted by: Mark Seo | November 16, 2011 at 06:49 PM