“What is TimThumb?
TimThumb is a simple, flexible, PHP script that re-sizes images.
“Is TimThumb on my website?
You likely have it on your WordPress site and don’t even know it.
While you may update to the latest version of WordPress and update your plugins on a semi-regular basis, TimThumb does not always automatically get updated!
“How do I update it on my WordPress website?
Watch this video and follow these simple instructions to help you update TimThumb without knowing any more than this! This will help from hacks that target the images on your website. You’re welcome…and cheers!
[box]Don’t have time or the desire to do this? Does the thought of this give you a head-ache? That’s OK. Us small business owners are busy with plenty of other things on our plates. Hire Raquel on a month-to-month basis to keep your website’s content up-to date, sync it with your social media, and take care of all these silly security risks.[/box]
Instructions for you to fix…
- Login to the backend of your WordPress site
- On the left toolbar, go to Plugins, drop down menu, select Add New
- In Search bar, type in the plugin name we’re going to install : Timthumb Vulnerability Scanner
- Select Timthumb Vulnerability Scanner and click on Install Now
- After it loads, click Activate Plugin
- Now in your left menu bar, it will appear under Tools, drop down menu, click on TimThumb Scanner. This will take you to your newly installed plugin.
- Under the TimThumb Scanner, click on the button that says “Scan“
- It will scan your site and show you all versions of timthumb that are vulnerable and out of date.
- Click the box to Select All then click the button to Upgrade Selected Files
- It will show you that all the old versions have been updated to new ones!
Now, just remember to try and do this at least once a month, along with updating to the latest version of WordPress and any other plugins you have installed. It’s also a good idea to back up your entire WordPress website before doing any updates! Ask your Hosting company if this is a service they include in your hosting or not. They can do it for you, you can install a Backup plugin and do it yourself, or I can install a Backup plugin – it does cost a monthly fee to download the software, but I can back up your site for you as a part of my website services!
Hooray! Good Job! You’ve made your site more secure today!