Partial list of WordPress themes scanned by bots for timthumb vulnerability



This is a partial list of WordPress theme and plugin URLs that bots are scanning for timthumb exploits. If you use any of these, make sure you have upgraded the theme, or at the very least upgraded the timthumb script within it. Put another way, these themes used timthumb at some point, and bots scan for it hoping it is exploitable.

We are in no way saying these products are insecure; just be sure to update.

If you are a Pagely customer, we scan our file system daily to apply patches for you, and you are further protected by firewall rules that defend against this.


/themes/bueno/thumb.php
/themes/modularity/includes/timthumb.php
/themes/themorningafter/thumb.php
/themes/SimplePress/timthumb.php
/themes/premiumnews/thumb.php
/themes/delicate/thumb.php
/themes/DelicateNews/timthumb.php
/themes/Nova/timthumb.php
/themes/OptimizePress/timthumb.php
/themes/Chameleon/timthumb.php
/themes/Delicate/thumb.php
/themes/typebased/thumb.php
/themes/Magnificent/timthumb.php
/themes/dailyedition/thumb.php
/themes/skeptical/thumb.php
/themes/spectrum/thumb.php
/themes/profitstheme/thumb.php
/themes/photoria/scripts/timthumb.php
/themes/Minimal/timthumb.php
/themes/Reporter/timthumb.php
/themes/Memoir/timthumb.php
/themes/optimize/thumb.php
/themes/TheSource/timthumb.php
/themes/Basic/timthumb.php
/themes/PersonalPress/timthumb.php
/themes/deliciousmagazine/thumb.php
/themes/PureType/timthumb.php
/themes/DeepBlue/timthumb.php
/themes/ePhoto/timthumb.php
/themes/duotive-three/includes/timthumb.php
/themes/eNews/timthumb.php
/themes/dandelion_v2.6.3/functions/timthumb.php
/themes/myjourney/thumb.php
/themes/eBusiness/timthumb.php
/themes/Transcript/timthumb.php
/themes/InterPhase/timthumb.php
/themes/tribune/scripts/timthumb.php
/themes/thestation/thumb.php
/themes/GrungeMag/timthumb.php
/themes/vulcan/timthumb.php
/themes/delight/scripts/timthumb.php
/themes/dandelion_v2.6.4/functions/timthumb.php
/themes/simplicity/thumb.php
/themes/MyProduct/timthumb.php
/themes/backstage/thumb.php
/themes/biznizz/thumb.php
/themes/multidesign/scripts/timthumb.php
/themes/retreat/thumb.php
/themes/myjourney_3.1/thumb.php
/themes/Bold/timthumb.php
/themes/pearlie_14%20dec/scripts/timthumb.php
/themes/LightBright/timthumb.php
/themes/muse/scripts/timthumb.php
/themes/bt/includes/timthumb.php
/themes/eStore/timthumb.php
/themes/redlight/includes/timthumb.php
/themes/wp-clear-prem/scripts/timthumb.php
/themes/insignio/images/timthumb.php
/themes/DeepFocus/timthumb.php
/themes/dualshockers2/thumb.php
/themes/editorial/thumb.php
/themes/purevision/scripts/timthumb.php
/themes/mini-lab/functions/timthumb.php
/themes/Event/timthumb.php
/themes/postcard/thumb.php
/themes/snapshot/thumb.php
/themes/ElegantEstate/timthumb.php
/themes/CFWProfessional/timthumb.php
/themes/broadcast/thumb.php
/themes/coffeedesk/includes/timthumb.php
/themes/cruz/scripts/timthumb.php
/themes/NewsPro/timthumb.php
/themes/modularity2/includes/timthumb.php
/themes/gallant/thumb.php
/plugins/1-flash-gallery/upload.php
/plugins/front-end-upload/upload.php
/plugins/mac-dock-gallery/upload-file.php
/plugins/mm-forms-community/includes/doajaxfileupload.php
/plugins/wp-property/third-party/uploadify/uploadify.php


  1. John Saddington

    glad you mentioned a caveat to interpret this list as a vulnerable list.

    cool stuff.

  2. Thomas Zickell

    What you’re doing is a very valuable service that most hosting companies overlook and never even think to patch. It is a huge problem with WordPress, and the fact that you are actively working to prevent this and other exploits gives me unbelievable confidence in you. Thank you for showing us what you’ve done to destroy timthumb as best you can, as it is a plague on the WordPress community.
