[wp-forums] Another timthumb exploit
Half-Elf on Tech
ipstenu at halfelf.org
Wed Jun 25 19:27:57 UTC 2014
Plugins, at this time, don't disallow timthumb, so ... there's that too.
Mark Ratledge wrote:
>
> Woothemes use timthumb, but all the themes I have and have checked
> don't have WEBSHOT_ENABLED as "true" which seems to be the security issue.
>
> But yes; all themes - and WP itself - get lumped in together as an
> undifferentiated whole.
>
> On Jun 25, 2014, at 12:20 PM, esmi at quirm dot net wrote:
>
>>
>> And doesn't that now make us all feel rather smug? ;-)
>>
>> Bet we'll still get some "WordPress has security problems" from some
>> people who are using commercial themes and plugins, though.
>>
>> Mel
>
>
> _______________________________________________
> wp-forums mailing list
> wp-forums at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-forums
More information about the wp-forums
mailing list