This week one of my blogs was hacked, and in an attempt to solve the problem, I discovered that the attack resulted from a vulnerability in the timthumb.php file (which is included in Elegant Themes).
In fact, on this blog I'm using a template from Elegant Themes, and since I recommend this platform for buying WordPress themes here on the blog (and several people have already bought through my link), I am writing today to explain how you can protect yourself against this vulnerability.
How to resolve the timthumb vulnerability
This vulnerability is due to timthumb.php (or in some cases thumb.php), and all templates containing such files are vulnerable to attack (not just those of Elegant Themes).
How to stay protected
In the WordPress admin panel, click “Presentation” » “Editor” and look for a file called timthumb.php, thumb.php or a similar name. If it does not exist, it is not necessary to make any changes. If it exists, open the file and replace all the code inside it with this one, and save the changes.
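On a site with shell access, the same search can be run over every installed theme and plugin instead of only the theme open in the editor. The script below is an added example, not part of the original post; the function name find_timthumb, the constructed sample tree and the VERSION line it looks for are assumptions.

```shell
#!/bin/sh
# Added example: list possible TimThumb copies under a WordPress directory.

find_timthumb() {
    # $1: directory to scan, e.g. the wp-content folder of the install.
    # Matches any PHP file with "thumb" in its name (timthumb.php, thumb.php, ...).
    find "$1" -type f -iname '*thumb*.php' 2>/dev/null | sort |
    while IFS= read -r file; do
        # A thumb.php may be unrelated code, so check that the file names TimThumb.
        if grep -qi 'timthumb' "$file"; then kind=timthumb; else kind=unconfirmed; fi
        # Assumption: the copy declares its version as define('VERSION', '...').
        ver=$(sed -n "s/.*define *( *['\"]VERSION['\"] *, *['\"]\([^'\"]*\)['\"].*/\1/p" "$file" | head -n 1)
        printf '%s\t%s\t%s\n' "$kind" "${ver:-unknown}" "$file"
    done
}

demo() {
    # Constructed sample tree; theme names and the version string are made up.
    tmp=$(mktemp -d)
    mkdir -p "$tmp/themes/example-a/scripts" "$tmp/themes/example-b"
    printf "<?php\n// TimThumb script\ndefine ('VERSION', '0.0-sample');\n" \
        > "$tmp/themes/example-a/scripts/timthumb.php"
    printf "<?php\n// unrelated image helper\n" > "$tmp/themes/example-b/thumb.php"
    find_timthumb "$tmp"
    rm -rf "$tmp"
}

# Scan the directory given as the first argument, or run the demo without one.
if [ "$#" -gt 0 ]; then find_timthumb "$1"; else demo; fi
```

Each output line is tab-separated: whether the file mentions TimThumb, the version string it declares (or "unknown"), and its path. Every file listed as "timthumb" is a copy to replace as described above.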
In addition to this change, it is also important that you keep your WordPress updated, as well as all the plugins you are using on your blog.
As the popular saying goes: Prevention is the best medicine!