The vulnerability found in the TimThumb image resizing script, which we used in our themes for dynamic image resizing.
We’d highly recommend that you download the latest version of the theme zip and update your thumb.php script.
Alternatively, you just copy the latest version of timthumb and replace your thumb.php file in your theme folder.
How to Update?
To fix vulnerability go to Appearance > Editor and look for a theme file called thumb.php then copy fixed version code from here and paste the Timthumb code in there to replace the old version.