site hacked, timthumb?

resolved (6 posts) (3 voices)

  1. Hi - Our site http://attorneyguss.com was breached and a lot of js injected.

    This despite using Better WP security and a lot of the usual recommended security mods.

    We want to discount the possibility that this was caused by timthumb. Can you please indicate where to find that in InFocus?

    Thanks - John

    Posted 4 years ago #
  2. Elliott
    Support

    Hello seancofaigh,

    You can find it at /wp-content/themes/[your_theme]/lib/scripts/timthumb/thumb.php.

    Make sure your using the latest version of the theme which has the updated timthumb script.

    Posted 4 years ago #
  3. infocus 3.6 uses v2.8.11, should I replace timthumb with latest v2.8.13?

    Posted 3 years ago #
  4. I just noticed latest version is v2.8.14, see

    http://timthumb.googlecode.com/svn/trunk/timthumb.php

    Posted 3 years ago #
  5. Hmm, another one:

    I posted this under "inFocus HTML/CSS", but I'm using WP-Version - sorry.
    Also my site is not hacked! :-)

    However, question is:

    Should we keep timthumb up to date due to security reasons or wait for next theme-update?

    Posted 3 years ago #
  6. Elliott
    Support

    You can go ahead and switch it out for a newer one if you want but if it doesn't work properly then it would be best to use the version provided with our framework.

    Posted 3 years ago #

Reply

You must log in to post.

Construct WordPress Theme
Construct wordpress theme
Myriad WordPress Theme
Myriad wordpress theme
Method WordPress Theme
Method wordpress theme
Fusion WordPress Theme
Fusion wordpress theme
Elegance WordPress Theme
Elegance wordpress theme
Echelon WordPress Theme
Echelon wordpress theme
Dejavu WordPress Theme
Dejavu wordpress theme
Modular WordPress Theme
Modular wordpress theme