Deja Vu
Wasn't TimThumb exposed not so long ago?
Self-hosted installations of WordPress are at risk of attack following the disclosure of a vulnerability in a widely used plugin for the blogging software-cum-website CMS. The vulnerable TimThumb plugin is used by many blogs to easily resize images. However a zero-day vulnerability in the Webshot function of TimThumb (2.8.13 …