TimThumb Critical Vulnerability Fixed on SiteGround Servers
Another serious security issue was reported earlier today within one of the popular WordPress plugins for managing thumbnails – TimThumb. This plugin already has a history of causing security issues in the past with which we dealt with. The current vulnerability allows the attacker to gain unauthorised access to your hosting account and even execute shell commands on it. Needless to say, this is not something we can allow to happen.
Our security team has reacted immediatelly after the vulnerability was disclosed. We have applied a patch in our in-house system to protect all our customers from getting hacked through TimThumb. Currently, if you’re hosted on SiteGround, you will be protected against hacking attempts that try to utilise this problem.
However, we strongly recommend that you switch plugins or update TimThumb as soon as new version is released.