{"id":3885,"date":"2016-12-27T02:39:26","date_gmt":"2016-12-27T07:39:26","guid":{"rendered":"http:\/\/local.brightwhiz\/?p=3885"},"modified":"2016-12-27T02:39:26","modified_gmt":"2016-12-27T07:39:26","slug":"critical-phpmailer-flaw","status":"publish","type":"post","link":"http:\/\/local.brightwhiz\/critical-phpmailer-flaw\/","title":{"rendered":"Millions of Websites Affected by Critical PHPMailer Flaw"},"content":{"rendered":"

A critical PHPMailer flaw has been discovered, affecting millions of websites and frameworks that use this library for their mailing needs. The vulnerability was discovered by Polish security researcher Dawid Golunski of Legal Hackers.<\/p>\n

PHPMailer is one of the most popular open source class libraries written in PHP for sending email. It is used by over nine million websites and by popular web applications and frameworks, including WordPress, Joomla, Drupal, Yii, SugarCRM and 1CRM, among others.<\/p>\n

Details of the Critical PHPMailer Flaw<\/h2>\n

The critical vulnerability (CVE-2016-10033) allows an attacker to remotely execute arbitrary code in the context of the web server and compromise the target web application.<\/p>\n

“The attack could hit components with contact forms, registration forms, password email resets and other forms that send out emails with the help of a vulnerable version of the PHPMailer class,” Golunski said.<\/p>\n

All versions prior to PHPMailer 5.2.18, released on December 25th, are vulnerable, so web administrators and developers are strongly advised to update to the patched release. The release can be downloaded from the official source repository.<\/p>\n","protected":false},"excerpt":{"rendered":"

A critical PHPMailer flaw has been discovered affecting millions of websites and frameworks that use this library for their mailing needs. The vulnerability was discovered by Polish security researcher Dawid…<\/p>\n","protected":false},"author":1,"featured_media":3891,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13],"tags":[30,207,219,313,320,331,350,452,453,526,539,543,567,591,643,651,655],"yoast_head_json":{"title":"Critical PHPMailer Flaw Affects Millions of Websites","description":"A new Critical PHPMailer Flaw has been discovered which affects millions of websites and web applications that send out email using the popular PHP library","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/local.brightwhiz\/critical-phpmailer-flaw\/","og_locale":"en_US","og_type":"article","og_title":"Critical PHPMailer Flaw Affects Millions of Websites","og_description":"A new Critical PHPMailer Flaw has been discovered which affects millions of websites and web applications that send out email using the popular PHP library","og_url":"http:\/\/local.brightwhiz\/critical-phpmailer-flaw\/","og_site_name":"Brightwhiz.com","article_publisher":"https:\/\/www.facebook.com\/brightwhiz\/","article_published_time":"2016-12-27T07:39:26+00:00","og_image":[{"width":1200,"height":630,"url":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2016\/12\/PHPMailer-Flaw.jpg","type":"image\/jpeg"}],"author":"Michael Bright","twitter_card":"summary_large_image","twitter_creator":"@brightwhizmag","twitter_site":"@brightwhizmag","twitter_misc":{"Written by":"Michael Bright","Est. 
reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"http:\/\/local.brightwhiz\/critical-phpmailer-flaw\/#article","isPartOf":{"@id":"http:\/\/local.brightwhiz\/critical-phpmailer-flaw\/"},"author":{"name":"Michael Bright","@id":"http:\/\/local.brightwhiz\/#\/schema\/person\/81f0f3126f13834ae2e7f381b3028e32"},"headline":"Millions of Websites Affected by Critical PHPMailer Flaw","datePublished":"2016-12-27T07:39:26+00:00","dateModified":"2016-12-27T07:39:26+00:00","mainEntityOfPage":{"@id":"http:\/\/local.brightwhiz\/critical-phpmailer-flaw\/"},"wordCount":194,"commentCount":0,"publisher":{"@id":"http:\/\/local.brightwhiz\/#organization"},"image":{"@id":"http:\/\/local.brightwhiz\/critical-phpmailer-flaw\/#primaryimage"},"thumbnailUrl":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2016\/12\/PHPMailer-Flaw.jpg","keywords":["1CRM","Drupal","Email","InfoSec","Internet","Joomla","Libraries","PHP","PHPMailer","Security","SMTP","Software Design","SugarCRM","Tools","Websites","WordPress","Yii"],"articleSection":["News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["http:\/\/local.brightwhiz\/critical-phpmailer-flaw\/#respond"]}]},{"@type":"WebPage","@id":"http:\/\/local.brightwhiz\/critical-phpmailer-flaw\/","url":"http:\/\/local.brightwhiz\/critical-phpmailer-flaw\/","name":"Critical PHPMailer Flaw Affects Millions of Websites","isPartOf":{"@id":"http:\/\/local.brightwhiz\/#website"},"primaryImageOfPage":{"@id":"http:\/\/local.brightwhiz\/critical-phpmailer-flaw\/#primaryimage"},"image":{"@id":"http:\/\/local.brightwhiz\/critical-phpmailer-flaw\/#primaryimage"},"thumbnailUrl":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2016\/12\/PHPMailer-Flaw.jpg","datePublished":"2016-12-27T07:39:26+00:00","dateModified":"2016-12-27T07:39:26+00:00","description":"A new Critical PHPMailer Flaw has been discovered which affects millions of websites and web applications that send out 
email using the popular PHP library","breadcrumb":{"@id":"http:\/\/local.brightwhiz\/critical-phpmailer-flaw\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/local.brightwhiz\/critical-phpmailer-flaw\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"http:\/\/local.brightwhiz\/critical-phpmailer-flaw\/#primaryimage","url":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2016\/12\/PHPMailer-Flaw.jpg","contentUrl":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2016\/12\/PHPMailer-Flaw.jpg","width":1200,"height":630,"caption":"Critical PHPMailer Flaw"},{"@type":"BreadcrumbList","@id":"http:\/\/local.brightwhiz\/critical-phpmailer-flaw\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/local.brightwhiz\/"},{"@type":"ListItem","position":2,"name":"Millions of Websites Affected by Critical PHPMailer Flaw"}]},{"@type":"WebSite","@id":"http:\/\/local.brightwhiz\/#website","url":"http:\/\/local.brightwhiz\/","name":"Brightwhiz.com","description":"Best Tech guides, Tutorials, and News","publisher":{"@id":"http:\/\/local.brightwhiz\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/local.brightwhiz\/?s={search_term_string}"},"query-input":"required 
name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"http:\/\/local.brightwhiz\/#organization","name":"Brightwhiz","url":"http:\/\/local.brightwhiz\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"http:\/\/local.brightwhiz\/#\/schema\/logo\/image\/","url":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2021\/11\/brightwhiz-com-logo-orange.png","contentUrl":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2021\/11\/brightwhiz-com-logo-orange.png","width":706,"height":135,"caption":"Brightwhiz"},"image":{"@id":"http:\/\/local.brightwhiz\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/brightwhiz\/","https:\/\/x.com\/brightwhizmag","https:\/\/instagram.com\/bright_whiz\/","https:\/\/www.pinterest.com\/sobbayi\/","https:\/\/www.youtube.com\/channel\/UC6sCdP_d_RiTIM7ErFT-PSQ"]},{"@type":"Person","@id":"http:\/\/local.brightwhiz\/#\/schema\/person\/81f0f3126f13834ae2e7f381b3028e32","name":"Michael Bright","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"http:\/\/local.brightwhiz\/#\/schema\/person\/image\/","url":"http:\/\/1.gravatar.com\/avatar\/da90485875ff0aafa38fdd494abe87d1?s=96&d=mm&r=g","contentUrl":"http:\/\/1.gravatar.com\/avatar\/da90485875ff0aafa38fdd494abe87d1?s=96&d=mm&r=g","caption":"Michael 
Bright"},"sameAs":["https:\/\/sobbayi.com"],"url":"http:\/\/local.brightwhiz\/author\/sobbayiadmin\/"}]}},"_links":{"self":[{"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/posts\/3885"}],"collection":[{"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/comments?post=3885"}],"version-history":[{"count":0,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/posts\/3885\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/media\/3891"}],"wp:attachment":[{"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/media?parent=3885"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/categories?post=3885"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/tags?post=3885"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}