Users of Scouting Themes 4 WordPress are urged to view the following and action it as soon as possible. Whilst the risk of this exploit being discovered by automated attackers, a targeted attack could result in a malicious individual being able to remotely inject files and code onto your web server.
Users should urgently delete timthumb.php from
/wp-content/themes/< themeName >/scripts as a matter of urgency and should delete the cache folder.
Users should make note of any customisations they have made to their site and overwrite the theme files with a clean installation if they think they may have been attacked.
Any questions can be pointed to Magician at the Escouts: Community, who has aided in identifying and resolving the issue.