az6667's Replies | ww.wp.xz.cn

Forum Replies Created

Viewing 2 replies - 1 through 2 (of 2 total)

Forum: Plugins
In reply to: [Plainview Activity Monitor] phpmailer CVE-2016-10033

Thread Starter az6667
(@az6667)

9 years, 5 months ago

I can confirm that PHPMailer v5.2.21 has been released via github.

This version patches both the 10033 and 10045 vulnerabilities.

Forum: Plugins
In reply to: [Plainview Activity Monitor] phpmailer CVE-2016-10033

Thread Starter az6667
(@az6667)

9 years, 5 months ago

Thankyou for your attention to this, it is appreciated.

Please be advised, however, that the patch for CVE-2016-10033 included in PHPMailer v5.2.18 seems to have introduced another vulnerability 😐 (CVE-2016-10045)

Since, as you say, Plainview doesn’t make use of PHPMailer, I expect the exposure is low.
However, you can expect a new release, e.g. 5.2.20 at some point in the near future, to address the new vuln.

Viewing 2 replies - 1 through 2 (of 2 total)