TimThumb is No Longer Supported or Maintained

TimThumb is no longer supported or maintained.
More information →

A long time ago – when making our first premium WordPress theme, Darren and I made TimThumb. TimThumb has been amazing – but it’s also not been without it’s share of problems.

In particular in 2010 there was a major security exploit found and it hurt a lot of websites, my own included. There are still people who are suffering because of it. I’ve felt incredibly guilty about this for years now, and so my enthusiasm for TimThumb has dropped to nothing.

Because of this lack of enthusiasm, and a fear of doing something else wrong, I have barely touched the code in years. In fact a couple of months ago I wrote about why I don’t use TimThumb (and what I do instead). If you’re a WordPress developer and still using TimThumb then you are ‘doing it wrong’. As such I am dropping all future support and maintenance for TimThumb.

To be honest this has been the situation for a while now, I’ve just not announced it before. If you want to use TimThumb then you do so at your own risk.

It feels a little sad to be writing this – but it’s also a huge weight off my mind. Now I can go back to making WordPress themes and video games in peace :).

Let me know what you think on Mastodon, or BlueSky (or Twitter X if you must).

Related Posts

06 Jul 2009

A Brief History of TimThumb

When we were building Mimbo Pro – Darren came up with the idea of automating the image thumbnail resizing – and this was the idea that sparked the development of TimThumb.This was all part of making the theme site as...
05 Mar 2024

TimThumb Image Resizer and Website Security

My friend Alex Denning recently asked me to write some bits about TimThumb for an article he was putting together.The main purpose of TimThumb was to dynamically resize images on websites, making it easier for web developers to manage their...
05 Aug 2010

Using TimThumb part 1: Getting Started

TimThumb has always been built with simplicity in mind. However there are a few things it can do that have not been exposed before.Inspired by a comment from RBhavesh I have decided to write a series of posts in which...
12 Aug 2011

TimThumb 2.0

Ok – so – TimThumb. I am sure many people have seen this already but some code exploits were recently discovered in TimThumb. Now that everything is under control once more I thought I would explain what happened and what...
26 Jun 2014

New TimThumb Exploit Found

It’s been reported today that there is a new TimThumb exploit found. Unfortunately nobody told me about this before the exploit was announced – in fact I found out about the bug through wptavern.com so I haven’t been able to...
04 Nov 2010

TimThumb Troubleshooting Secrets

I often get asked questions about TimThumb and why it doesn’t work in certain situations. I can generally tell what is wrong with the script within about 60 seconds of being sent a demo url. Below are my top tips...