A few days ago, a WordPress security vulnerability in timthumb.php was reported on one of our blogs, http://filmnews.bizhat.com.
timthumb.php is a script that is used by hundreds of WordPress themes to resize images.
I searched Google for ‘timthumb.php vulnerability fix’ and found the ‘TimThumb Vulnerability Scanner plugin’.
The TimThumb Vulnerability Scanner plugin checks whether your site is running a vulnerable version of TimThumb. It scans your entire wp-content folder, including plugins, themes and uploads.
To install ‘TimThumb Vulnerability Scanner plugin’ using the built-in plugin installer:
Go to Plugins > Add New.
Under Search, type ‘TimThumb Vulnerability Scanner’ and click Install Now to install the plugin.
Go to the “Timthumb Scanner” page, under the “Tools” menu.
Here are some of the plugins that used timthumb.php:
/wp-content/plugins/cac-featured-content/timthumb.php
/wp-content/plugins/category-grid-view-gallery/includes/timthumb.php
/wp-content/plugins/category-list-portfolio-page/scripts/timthumb.php
/wp-content/plugins/cms-pack/timthumb.php
/wp-content/plugins/dp-thumbnail/timthumb/timthumb.php
/wp-content/plugins/extend-wordpress/helpers/timthumb/image.php
/wp-content/plugins/islidex/js/timthumb.php
/wp-content/plugins/kino-gallery/timthumb.php
/wp-content/plugins/lisl-last-image-slider/timthumb.php
/wp-content/plugins/really-easy-slider/inc/thumb.php
/wp-content/plugins/rent-a-car/libs/timthumb.php
/wp-content/plugins/verve-meta-boxes/tools/timthumb.php
/wp-content/plugins/vk-gallery/lib/timthumb.php
/wp-content/plugins/wp-marketplace/libs/timthumb.php
/wp-content/plugins/yd-recent-posts-widget/timthumb/timthumb.php
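The same kind of scan can be run from the command line. The following added example is not the plugin's code or part of the original post: it walks wp-content, identifies TimThumb copies by content as well as by file name (the list above includes copies named image.php and thumb.php), and compares each declared version against a minimum you supply from the TimThumb release notes. The define('VERSION', ...) pattern and the function names are assumptions.

```python
import os
import re
import sys

# Assumption: a TimThumb copy mentions "timthumb" and declares define('VERSION', 'x.y').
VERSION_RE = re.compile(r"""define\s*\(\s*['"]VERSION['"]\s*,\s*['"]([0-9]+(?:\.[0-9]+)*)['"]""")
MARKER_RE = re.compile(r"timthumb", re.IGNORECASE)


def parse_version(text):
    """'2.8.14' -> (2, 8, 14), so versions compare numerically, not as strings."""
    return tuple(int(part) for part in text.split("."))


def scan(root, minimum):
    """Walk root and return sorted (relative_path, version, status) for TimThumb copies.

    status is 'outdated' (version < minimum), 'ok', or 'unknown' (file is named
    timthumb.php but declares no version; review it by hand).
    """
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".php"):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "r", encoding="utf-8", errors="replace") as fh:
                    head = fh.read(64 * 1024)  # the version constant sits near the top
            except OSError:
                continue  # unreadable file: skip it rather than abort the scan
            match = VERSION_RE.search(head)
            by_name = name.lower() == "timthumb.php"
            by_content = bool(match and MARKER_RE.search(head))  # catches renamed copies
            if not (by_name or by_content):
                continue
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            if match is None:
                findings.append((rel, None, "unknown"))
            else:
                old = parse_version(match.group(1)) < parse_version(minimum)
                findings.append((rel, match.group(1), "outdated" if old else "ok"))
    return sorted(findings)


if __name__ == "__main__":
    # Usage: python scan_timthumb.py /path/to/wp-content <first-fixed-version>
    for rel, version, status in scan(sys.argv[1], sys.argv[2]):
        print(f"{status:9} {version or '-':8} {rel}")
```

Files that only reference timthumb.php in a URL, or that define an unrelated VERSION constant, are not reported; anything marked 'outdated' or 'unknown' should be updated or removed.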