A critical security flaw was recently found in the timthumb.php image resizing script. Said script is used by many WordPress themes and plugins and if left unpatched could allow malicious code to be inserted into a site. To fix this issue, contact your theme developer for an updated version, or you can replace the timthumb.php script with a new version yourself. See here for more details regarding this issue.
Thursday, November 24, 2011
