How to Fix Vulnerable Timthumb Script in WordPress?

By WP Saviour •  Updated: 03/07/21 •  2 min read

In the last couple of days I’ve seen many websites getting hacked due to this vulnerability, and we have already covered it in the past. If you are still not aware of the timthumb hack and are running a WordPress blog, you should refer to these 2 posts:

Usually, a blogger or webmaster will look in the theme folder and replace the script with the updated timthumb script. But chances are that some plugin is using a timthumb script that you are not aware of.

Here’s a very useful WordPress security plugin named Timthumb Vulnerability Scanner, which checks your WordPress wp-content directory for timthumb.php files, and it also shows whether your current timthumb.php file (

If your timthumb.php file is not safe, it gives you the option to fix it. You don’t need to log in to FTP to update the timthumb script; clicking the Fix button will automatically replace the old one with the updated script.


As soon as you click Fix, it will update the file and your screen will start showing this:


How to use the Timthumb Vulnerability Scanner plugin?

Go to the official download page, then download and install the plugin.

Alternatively, you can install the plugin from the dashboard by searching for Timthumb Vulnerability Scanner.

Once the plugin is installed and activated, go to Tools > Timthumb Scanner and run the scan.

As mentioned above, within seconds you will see the list of all timthumb scripts running on your server, and if one is vulnerable to a hacker, you can fix it right away as shown in the image above.
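The kind of check described above, sketched as an added example (not the plugin's own code): walk a directory tree, recognise TimThumb copies by content, and compare each declared version with a threshold. The function names, the sample tree and the `1.10` threshold are constructed for illustration, and the sketch assumes the script declares its release in a `define('VERSION', ...)` line; take the real minimum version from the TimThumb project.

```python
import re
import tempfile
from pathlib import Path

# Assumption: TimThumb declares its release as define('VERSION', 'x.y.z').
VERSION_RE = re.compile(r"define\s*\(\s*['\"]VERSION['\"]\s*,\s*['\"]([\d.]+)['\"]")

def parse_version(text):
    """'2.8.14' -> (2, 8, 14), so 1.9 sorts below 1.10."""
    return tuple(int(p) for p in text.split(".") if p)

def scan_timthumb(root, min_version):
    """Return sorted (path, version, status) for PHP files that look like TimThumb."""
    findings = []
    for path in Path(root).rglob("*.php"):
        try:
            source = path.read_text(encoding="utf-8", errors="replace")
        except OSError:
            continue  # unreadable file: skip it rather than abort the scan
        # Match on content, not file name: copies are often renamed (thumb.php).
        if "timthumb" not in source.lower():
            continue
        match = VERSION_RE.search(source)
        if match is None:
            version, status = None, "unknown"  # flag for manual review
        else:
            version = match.group(1)
            outdated = parse_version(version) < parse_version(min_version)
            status = "outdated" if outdated else "ok"
        findings.append((path.relative_to(root).as_posix(), version, status))
    return sorted(findings)

def demo():
    """Scan a constructed wp-content tree; '1.10' is a made-up threshold."""
    samples = {
        "themes/a/timthumb.php": "<?php // TimThumb\ndefine ('VERSION', '1.9');",
        "plugins/b/thumb.php": "<?php // timthumb\ndefine('VERSION', '2.5');",
        "plugins/b/index.php": "<?php // Silence is golden.",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in samples.items():
            target = Path(root, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(body, encoding="utf-8")
        return scan_timthumb(root, "1.10")

if __name__ == "__main__":
    print(demo())
```

Copies reported as `unknown` carry the TimThumb name but no readable version line, so they need a manual look rather than being treated as safe.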

In my opinion, every WordPress blogger should use this plugin once for now, as the timthumb hack is taking down many WordPress blogs every day, and once your site is hacked, fixing it won’t be very easy.

Do let us know if you found any hacked timthumb file using this plugin. And don’t forget to share this post on Facebook and Twitter to let your WordPress blogger friends know about this as well.


WP Saviour

I am a WordPress specialist. My mission is to help you create beautiful websites with ease!