I am not a technical person.
So, here is the article or search you can check out:
Timthumb PHP script opens hole in WordPress blogs - The H Security: News and Features
This timthumb php thingie is apparently used on some of your fancy wordpress themes.
One big user of this function is Woo themes.
You will want to check your themes and see if there is a timthumb.php file in the mix.
You can be lazy like me, and just do a search in your cpanel (if you have a butt load of wordpress installs).
Look in the upper right corner:
I then did that search again without the php:
So, headway theme has it too.
It also may be in some plugins.
Anyway, it is a security issue.
Here is a helpful looking site:
How To Fix The Security Issue in Timthumb
Anyway, I'm off to the headway forum because that file for headway is done differently and I may need different instruction on how to handle it.
For now I just deleted the files and the site seems to be ok.
If some techie person wishes to elaborate on this, please feel free to steal the thunder here.
***Make sure you do searches for thumb.php and timthumb***
(I found a couple more little devils hiding in the brush)