TimThumb is particularly widely used in WordPress themes and plugins; webmasters should update the library, as this vulnerability can be exploited by hackers.
After the timthumb.php hacks, high-risk vulnerabilities were discovered in WordPress plugins. By exploiting these bugs, an attacker can remotely retrieve any information or credentials from a vulnerable blog. Some of them lack validation of the query string, and most of them are remotely exploitable.
Since 2011-08-05, more than 15 plugins have been found to be vulnerable:
WordPress MM Duplicate plugin <= 1.2 SQL Injection Vulnerability
WordPress UnGallery plugin <= 1.5.8 Local File Disclosure Vulnerability
WordPress WP DS FAQ plugin <= 1.3.2 SQL Injection Vulnerability
WordPress WP Forum plugin <= 1.7.8 SQL Injection Vulnerability
WordPress Ajax Gallery plugin <= 3.0 SQL Injection Vulnerability
WordPress Global Content Blocks plugin <= 1.2 SQL Injection Vulnerability
WordPress Allow PHP in Posts and Pages plugin <= 2.0.0.RC1 SQL Injection Vulnerability
WordPress Menu Creator plugin <= 1.1.7 SQL Injection Vulnerability
WordPress File Groups plugin <= 1.1.2 SQL Injection Vulnerability
WordPress Contus HD FLV Player plugin <= 1.3 SQL Injection Vulnerability
WordPress WP Symposium plugin <= 0.64 SQL Injection Vulnerability
WordPress Easy Contact Form Lite plugin <= 1.0.7 SQLi
WordPress OdiHost Newsletter plugin <= 1.0 SQL Injection Vulnerability
WordPress IP-Logger Plugin <= 3.0 SQL Injection Vulnerability
UPM Polls <= 1.0.3 SQL Injection Vulnerability
Media Library Categories <= 1.0.6 SQL Injection Vulnerability
ProPlayer plugin <= 4.7.7 SQL Injection Vulnerability
Social Slider <= 5.6.5 SQL Injection Vulnerability
WordPress SendIt plugin <= 1.5.9 Blind SQL Injection Vulnerability
If you are one of the users of these plugins, update before getting hacked.