Earlier this month a vulnerability in the TimThumb plugin for WordPress was made public. This vulnerability allows attackers to run malicious code on WordPress applications, take control of the application and distribute malware.
We have recently seen a significant rise in exploit attempts on WordPress sites targeting the TimThumb plugin vulnerability. This indicates that hackers have updated their botnets with the exploit code and those botnets are now scanning the web for vulnerable WordPress sites.
Web sites that are protected by Incapsula and configured to block illegal resource access attempts are protected from this exploit.
In addition, we recommend that web site owners that are using the TimThumb plugin update their plugin to its latest version (http://www.binarymoon.co.uk/projects/timthumb/).