WP PHPMailer Vulnerability..

  • Resolved livingflame

    (@livingflame)


    8 years, 10 months ago

    WordPress Sending Mail to Junk / PHPMailer 5.2.22 Vulnerability

    Username and Path Disclosure.

    When you send an email from your WordPress Site, go to Junk or Spam Folder.
    If View Message Source (Hotmail, Gmail…) you obtain:

    Received: from hostname1234.yourhost.com

    Received: from your-hosting-username by hostname1234.yourhost.com

    X-AntiAbuse: Primary Hostname – hostname1234.yourhost.com

    X-Source-Args: /opt/php70/bin… /your full path disclosure / admin-ajax.php

    X-Source-Auth: your-hosting-username

    SOLUTION?

    @chesio
    @mbrsolution
    @wpsolutions

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    8 years, 10 months ago

    Hi, does your site use PHPMailer 5.2.22? I have not experienced this myself in all my sites.

    Thread Starter livingflame

    (@livingflame)

    8 years, 10 months ago

    Hi @mbrsolution

    WP 4.8 uses PhpMailer 5.2.22

    Disclosure when: you send from your WP to some Email or Notification (buddypress, bbpress) to Hotmail, Gmail, whatever.
    Disclosure with ContactForm 7 and MailChimp.

    Disclosure of your-hosting-username and your CPanel url in:

    Received: from hostname1234.yourhost.com
    Received: from your-hosting-username by hostname1234.yourhost.com
    X-AntiAbuse: Primary Hostname – hostname1234.yourhost.com
    X-Source-Args: /opt/php70/bin… /your full path disclosure / admin-ajax.php
    X-Source-Auth: your-hosting-username
    Return-Path: <[email protected]>
    ARC-Authentication-Results: …
    Received-SPF: …
    Authentication-Results: …

    How can I remove “Via” php mail or all this info? I dont know. But I know that this method has this Full Path Disclosure Vulnerability.

    Plugin Contributor mbrsolution

    (@mbrsolution)

    8 years, 10 months ago

    Hi, thank you for clarifying further your current issue/request. The plugin developers will investigate further.

    Kind regards

    Thread Starter livingflame

    (@livingflame)

    8 years, 10 months ago

    Part of the Solution.

    Create an email account in your Hosting and Obtain the STMP. For example:

    [email protected]
    mail.example.com
    port: 25

    Add this STMP to WordPress using a plugin: Easy WP STMP…

    Okey, but… you send an email from your WordPress… Go to Spam Folder or Junk in Hotmail! Gmail does not have problem with this method. I dont know Yahoo.

    And, when you Check origin, okey, your hosting username not appears again, but, your hostname1234.yourhost.com continues appearing.

    So, there are theses problems.

    WP Mails Go to Spam Folder and some Php / Hosting info is disclosed.

    @mbrsolution

    • This reply was modified 8 years, 10 months ago by livingflame.
    Plugin Contributor wpsolutions

    (@wpsolutions)

    8 years, 10 months ago

    Hi @livingflame,
    I’m not sure how to remove that info from the mail headers because it is created outside of the scope of this plugin. My gut feeling is that you probably can’t remove that info – or not easily anyway.
    You can try and consult your host support to see what they say.

    Thread Starter livingflame

    (@livingflame)

    8 years, 10 months ago

    Hi @wpsolutions

    Well, if you use a plugin like Mail Bank (STMP), when you send an emails, your-hosting-username not show. This is something. But continues appearing: hostname1234.yourhost.com I thing that it’s a problem of the Server.

    Plugin Contributor wpsolutions

    (@wpsolutions)

    8 years, 10 months ago

    One thing to note which my host support people told me is that unfortunately there’s no easy way to remove this information from your email headers without risking your emails being marked as spam or spoofed.

Viewing 7 replies - 1 through 7 (of 7 total)

The topic ‘WP PHPMailer Vulnerability..’ is closed to new replies.