Answer the question
In order to leave comments, you need to log in
How to fix vulnerability in Wordpress class-phpmailer.php - RCE: CVE-2016-10045, CVE-2016-10031?
Good afternoon, tell me how to fix the vulnerabilities CVE-2016-10045, CVE-2016-10031
I did not find any information about this, they were discovered not so long ago.
The script itself is in wordpress here:
/wp-includes/class-phpmailer.php - RCE : CVE-2016-10045, CVE-2016-10031 phpmailer
version 5.2.22
Visited version v6.0.0rc4 (same result) from here - https://github.com/PHPMailer/PHPMailer/tree/v6.0.0rc4
Answer the question
In order to leave comments, you need to log in
These vulnerabilities affect versions of PHPMailer below 5.2.18 and 5.2.20, the latest version of WP uses 5.2.22, which fixes not only these vulnerabilities, but also another one found in version 5.2.21 . See changelog .
What to do? As usual - update WordPress and sleep well.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question