If your dealing with a large WordPress instance, I hope you have shell. Using plugins like Timthumb Vulnerability Scanner on small installations is great, however, on large installations the server might 503.
I had previously used bash scripts to detect outdated TimThumb using simple grep command and outputting the finding to a .txt file which I could cross reference during the update process. It’s become cumbersome to do this, I wanted to grab the updated timthumb version from the Google Code repository and update the files. With a quick Google search, I fould this simple script for cPanel users that can be modified to your distro. Props to DropDeadDick.com for sharing his script. <3 [bash] #! /bin/bash # Detects and updates timthumb.php to latest version for all cPanel users. # dropdeaddick.com latest=`lynx -source http://timthumb.googlecode.com/svn/trunk/timthumb.php |grep "define ('VERSION'" $file |cut -f4 -d"'"` if [ -z "$latest" ]; then echo "could not get latest timthumb release, aborting!" exit 1 fi for user in `awk -F':' '{ if ($3 > 499) print $0 }' /etc/passwd | grep home | cut -d':' -f1`; do for file in `find /home*/$user/public_html/ -type f ( -name 'thumb.php' -o -name 'timthumb.php' ) 2>/dev/null | tr ' ' '%'`; do file=`echo $file | tr '%' ' '` check=`grep -c "code.google.com/p/timthumb" "$file"` if [ -z "$check" ]; then break fi if [ "$check" -gt "0" ]; then version=`grep "define ('VERSION'" "$file" |cut -f4 -d"'"` if [ "$version" != "$latest" ]; then echo -e "e[1;31mWARNING version $versione[0m updating $file!" # rm -f $file #delete current file before replacing. wget -nv -t3 -T3 http://timthumb.googlecode.com/svn/trunk/timthumb.php -O "$file" chown $user: "$file" else echo -e "e[1;32mOK version $versione[0m skipping $file" fi fi done done[/bash] I'd recommend creating an alias so that you can use it periodically. :]