Is it safe to use TimThumb?
I'm making a website and started making use of the TimThumb library.php to resize the images to the exact size I want. However, two doubts came to me:
- Is it safe to use? I hear that past versions showed vulnerabilities;
- Will using it affect the performance of my site? E.g., more work for the server.
1 answer
TimThumb does have security vulnerabilities; the developers themselves mentioned this once (I think it was on their own blog/site) and linked that this was the reason they stopped continuing their development. I did a brief search to see if I could find this article, but I did not. However, I have never followed their status and development updates, so I do not know how the situation is at the moment and whether they have already solved these vulnerabilities or not, but maybe there could be other developers who may have picked up the project and fixed this issue.
However, there are other methods and alternatives to this plugin.
Searching on Google, we can find some of them:
- Question asked in SOen - What's a good PHP alternative to Timthumb
- Plugin bfi_thumb for WordPress, which has now changed and is being continued as OTF Regenerate Thumbnails, or on GitHub - https://github.com/gambitph/WP-OTF-Regenerate-Thumbnails
- Article in English that discusses both TimThumb and BFIThumb