Remote Code Execution in TimThumb Plugin for WordPress
CVE-2011-4106
What is CVE-2011-4106?
The TimThumb script (timthumb.php) prior to version 2.0 fails to adequately validate remote sources against its defined whitelist of allowed domains. An attacker can therefore upload and execute arbitrary code: a URL that satisfies the whitelist check, but does not actually point at a whitelisted host, is passed in the 'src' parameter, the script fetches and caches the remote file, and the cached copy is then accessed directly. This flaw was exploited in the wild starting August 2011, making it essential for WordPress users to update their TimThumb installations to mitigate the risk.
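To make the validation defect concrete, the following added example (not TimThumb's own code) places a substring-style whitelist check of the kind the pre-2.0 script relied on beside a hardened check that parses the URL and compares the actual host. The whitelist contents and the sample URLs are constructed for illustration.

```php
<?php
// Constructed whitelist of image hosts (hypothetical values).
$allowedHosts = ['flickr.com', 'blogger.com', 'wordpress.com'];

// Weak pattern: the URL is accepted if any whitelisted name appears anywhere
// in it. The check never establishes which host the URL actually points to,
// so a whitelisted name embedded in another domain or in the path passes.
function isAllowedSubstring(string $src, array $allowedHosts): bool {
    $src = strtolower($src);
    foreach ($allowedHosts as $host) {
        if (strpos($src, strtolower($host)) !== false) {
            return true;
        }
    }
    return false;
}

// Hardened pattern: parse the URL, require an http(s) scheme, and compare the
// parsed host exactly (or as a proper subdomain) against the whitelist.
function isAllowedHost(string $src, array $allowedHosts): bool {
    $parts = parse_url($src);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false;
    }
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return false;
    }
    $host = strtolower(rtrim($parts['host'], '.'));
    foreach ($allowedHosts as $allowed) {
        $allowed = strtolower($allowed);
        $suffix  = '.' . $allowed;
        if ($host === $allowed || substr($host, -strlen($suffix)) === $suffix) {
            return true;
        }
    }
    return false;
}

// Constructed inputs: a genuine whitelisted host, a different domain that merely
// contains a whitelisted name, and a whitelisted name appearing only in the path.
$cases = [
    'http://img.flickr.com/photo.jpg',
    'http://flickr.com.example.net/photo.jpg',
    'http://example.net/flickr.com/photo.jpg',
];
foreach ($cases as $src) {
    printf("%-42s substring=%s host=%s\n", $src,
        isAllowedSubstring($src, $allowedHosts) ? 'allow' : 'deny',
        isAllowedHost($src, $allowedHosts) ? 'allow' : 'deny');
}
```

Host validation addresses only the first half of the issue described above; a fetched file must also be cached under a non-executable name and served from a location the web server will not execute, otherwise direct access to the cache remains a risk.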