On Wed, 28 Dec 2016 11:31:11 +0100 Salvatore Bonaccorso <car...@debian.org> wrote: > > > the following vulnerability was published for libphp-phpmailer. > > > > > > CVE-2016-10033[0]: > > > remote code execution
I would like to point out that wordpress has an embedded/modified version of PHPmailer in it at wp-includes/class-phpmailer.php However, the wordpress developers have stated that if it is used correctly it is no vulnerable to it. It means that the core system and correctly written plugins have no impact[1]. Sorry, to hijack the libphp-phpmailer bug but I thought it should be noted somewhere wordpress, for once, isn't vulnerable. - Craig 1: https://core.trac.wordpress.org/ticket/37210 -- Craig Small (@smallsees) http://dropbear.xyz/ csmall at : enc.com.au Debian GNU/Linux http://www.debian.org/ csmall at : debian.org GPG fingerprint: 5D2F B320 B825 D939 04D2 0519 3938 F96B DF50 FEA5