WordPress TimThumb Exploitation

WordPress is one of the worlds biggest blogging platforms and can be easily extended with vulnerable add-ons to support a variety of functions – from CMS’s to stores and pretty much anything in between. Within some web applications, themes may contain variables that refer to dynamic elements while in others, like WordPress, insecure PHP files …

How to Fix and Cleanup the TimThumb Hack in WordPress

So if you remember correctly, there was a security issue with the TimThumb script in August which was fixed. However still to our surprise, many sites are still using the old version. We have fixed three sites so far in the past month, one being yesterday. So it makes sense to simply write a step …

How to Increase the Maximum File Upload Size in WordPress

Depending on the web hosting company you choose and the package you select, each of you will see maximum file upload limit on your Media Uploader page in WordPress. For some it is as low as 2MB which is clearly not enough for media files like (audio / video). Most pictures are under 2MB, so …