Hacker News new | ask | show | jobs
by cosgroveb 5434 days ago
My WP theme is from WooThemes and it includes "thumb.php" which upon inspection is timthumb.php. The blog post says to patch this you should remove the list from the allowedSites variable which I have done... I'll look at this more tomorrow but just FYI!
1 comments
mrspeaker 5434 days ago
Errm, you should probably do that today - and check for the presence of base64 encoded images - now that you told the world about it ;)
link
cosgroveb 5434 days ago
Did that too.
link