[wp-trac] [WordPress Trac] #40472: Update PHPMailer to 5.2.27
WordPress Trac
noreply at wordpress.org
Tue Nov 20 11:02:36 UTC 2018
#40472: Update PHPMailer to 5.2.27
------------------------------------+------------------------------
Reporter: MattyRob | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: External Libraries | Version: 4.8
Severity: critical | Resolution:
Keywords: has-patch dev-feedback | Focuses:
------------------------------------+------------------------------
Comment (by bgermann):
Every wp_mail call with the $attachments parameter set is vulnerable to
CVE-2018-19296. WP Core does not call wp_mail with $attachments. But
plugins that do and have no mitigating check in place are vulnerable.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/40472#comment:28>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list