Category Archives: Security

712 Fewer Vulnerable TimThumb Scripts in Existence

We recently contacted VaultPress customers who were affected by the TimThumb image library vulnerability with instructions on how to secure their sites. As previously noted, the vulnerability allows third parties to upload and execute arbitrary PHP code in the TimThumb … Continue reading

Posted in Announcements, Security | Tagged | 7 Comments

Vulnerability Found in timthumb.php

Yesterday we learned of a vulnerability in a popular image resizing library called TimThumb, which is used in many WordPress themes and plugins. The vulnerability was first reported by Mark Maunder in a post on his blog, and has been … Continue reading

Posted in Announcements, Security | Tagged | 44 Comments

Plugin Security Scan and Fixes

Yesterday we learned of a potential security issue related to a few popular WordPress plugins. As a precautionary measure, we have scanned all VaultPress customer sites to check for the affected plugins. We were able to remotely edit and secure … Continue reading

Posted in Security | Tagged , | 4 Comments

Making the WordPress Universe Safer

Danny Dagan’s post today about an unexpected benefit of VaultPress struck a chord with us. One of the positive side effects of the work we do to scan our customers’ WordPress installations for vulnerabilities is making a number of plugins … Continue reading

Posted in Security, WordPress | 1 Comment

Rest Soundly, 3.0.4 Hotfix Deployed

‘Twas two nights before New Year’s Eve, when all through the house, not a creature was stirring, not even a mouse. That rustling sound you kept hearing was actually the VaultPress Safekeepers, busily protecting all the WordPress sites under our … Continue reading

Posted in Announcements, Security | Leave a comment