25 Jun

2014

TimThumb Critical Vulnerability Fixed on SiteGround Servers

header

Another serious security issue was reported earlier today within one of the popular WordPress plugins for managing thumbnails – TimThumb. This plugin already has a history of causing security issues in the past with which we dealt with. The current vulnerability allows the attacker to gain unauthorised access to your hosting account and even execute shell commands on it. Needless to say, this is not something we can allow to happen.

Our security team has reacted immediatelly after the vulnerability was disclosed. We have applied a patch in our in-house system to protect all our customers from getting hacked through TimThumb. Currently, if you’re hosted on SiteGround, you will be protected against hacking attempts that try to utilise this problem.

However, we strongly recommend that you switch plugins or update TimThumb as soon as new version is released.

Author: Hristo Pandjarov

Product Development - Technical

Enthusiastic about all Open Source applications you can think of, but mostly about Joomla and WordPress. Add a pinch of love for web design, new technologies, search engine optimisation and you are pretty much there!