4
I’m making a website and I started making use of the library Timthumb.php to resize the images in the exact size I want. However came to me two questions
2
Timthumb does have security vulnerabilities, the developers themselves mentioned this once (I think it was their own blog/site) and linked that was the reason they stopped continuing their development. I did a little research to see if I could find this article but I couldn’t. In the meantime, I’ve never followed their status and development updates, so I don’t know what the situation is at the moment and whether they’ve resolved these vulnerabilities or not, but there may be other developers who may have taken up the project and fixed this problem.
However there are other methods and alternatives to this plugin.
Googling we may find some of them:
Question asked on Soen - What’s a good PHP Alternative to Timthumb
Plugin bfi_thumb for Wordpress that has now changed and is being continued as - OTF Regenerate Thumbnails or at Github - https://github.com/gambitph/WP-OTF-Regenerate-Thumbnails
Article in English speaking of both, the Timthumb and the Bfithumb
Browser other questions tagged php wordpress security-guard library requisition
You are not signed in. Login or sign up in order to post.
I don’t know the status of Timthumb nowadays, but to avoid headaches better use native functions (How to Dynamically Resize Wordpress Image On-The-Fly (custom field/Theme option)), check the comment of bueltge there in this reply, the guy is a player and released a recent plugin
– brasofilo
+1 It’s a good concern. Honestly, I saw the source code of
Timthumband I got a little nervous. There’s a system here that uses theTimthumb(I didn’t implement it), but I think it would be a good idea to look for a more up-to-date resource than him.– Wallace Maxters
https://www.ssl.net.br/blog/qual-plataforma-cms-mais-hacked/ this article clarifies that the use of Timthumb is rather associated with the vulnerability of the system, the developers themselves, as the friend said in the previous answer, have already proclaimed the fact. I recommend not using.
– Daniel Gomes Da Silva Moreira