From the code seems your plugin updated just one day ago has a very old PHP Mailer version. Vulnerable.
Security seems are not important for this plugin? Software has to keept safe and updated.
Hi, This plugin doesn’t directly include the PHPMailer library. It uses the one included by WordPress.
Hi @naa986,
thank you for your quick reply.
In the file main.php of your plugin on the line 20 I can see:
var $phpmailer_version = '5.2.22';
why there are this line, what is?
How I can report the PHP Mailer issue to WordPress? I should find a way, I want understand why I see email going out from the website with a vulnerable PHP Mailer version, thank you!
@peopleinside, https://make.ww.wp.xz.cn/core/
It’s there so I can keep track of the PHPMailer version included by WordPress.
Thanks,
I will flag this as resolved.
I posted here:
https://core.trac.ww.wp.xz.cn/ticket/40472#comment:8
