[wp-trac] [WordPress Trac] #40472: Update PHPMailer to 5.2.25

WordPress Trac noreply at wordpress.org
Fri Oct 6 16:22:16 UTC 2017


#40472: Update PHPMailer to 5.2.25
-------------------------------------+------------------------------
 Reporter:  MattyRob                 |       Owner:
     Type:  enhancement              |      Status:  new
 Priority:  normal                   |   Milestone:  Awaiting Review
Component:  External Libraries       |     Version:  4.8
 Severity:  normal                   |  Resolution:
 Keywords:  has-patch needs-testing  |     Focuses:
-------------------------------------+------------------------------

Comment (by bgermann):

 CVE-2017-11503 is not an issue for WordPress, because the example is not
 included. BUT the potential XSS vulnerability may be an issue. The fix can
 be seen at https://github.com/PHPMailer/PHPMailer/commit/d46ba2d186.

 It does not need much time to integrate the existing (!) patch, but it
 would take much time to ensure, WordPress is not affected by this. So why
 not integrate the patch? Please!

--
Ticket URL: <https://core.trac.wordpress.org/ticket/40472#comment:9>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list