Object Injection Vulnerability Affects WordPress Versions 3.7 to 5.7.1

If you haven’t updated your WordPress website since October 2013, this wouldn’t affect you, but we strongly hope that is not the case! There’s a new object injection vulnerability which affects WordPress versions 3.7 to 5.7.1. Be sure to get updated to 5.7.2 as soon as possible!

According to WPScan, the new object injection vulnerability is due to versions of PHPMailer library between 6.1.8 and 6.4.0. The original CVE can be found here.

Continue reading Object Injection Vulnerability Affects WordPress Versions 3.7 to 5.7.1 at Sucuri Blog.

More great articles

High Severity Vulnerabilities in Post Grid and Team Showcase Plugins

On September 14, 2020, our Threat Intelligence team discovered two high severity vulnerabilities in Post Grid, a WordPress plugin with…

Read Story

Critical SQL Injection Vulnerability Patched in WooCommerce

On July 14, 2021, WooCommerce released an emergency patch for a SQL Injection vulnerability reported by security researcher Thomas DeVoss…

Read Story

Multiple Vulnerabilities Patched in Responsive Menu Plugin

On December 17, 2020, our Threat Intelligence team responsibly disclosed three vulnerabilities in Responsive Menu, a WordPress plugin installed on…

Read Story

Emergency WordPress Help

One of our techs will get back to you within minutes.