A code injection vulnerability that affects the TimThumb image resizing utility used in WordPress themes and plugins, has compromised more than a million Web pages.
"Estimating the impact is not an easy task, according to website integrity monitoring vendor Sucuri Security, which monitored the fallout of this flaw since it was first announced at the beginning of August," writes PCWorld's Lucian Constantin.
"The company's researchers have devised a method that involves using Google to search for compromised pages where the malicious code malfunctioned," Constantin writes.
Go to "Old Image Resize Script Leaves 1 Million Web Pages Compromised" to read the details.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.