PHP Mailer vulnerability – is fscf still safe?

Viewing 7 replies - 1 through 7 (of 7 total)

  • Hi, the plugin has two options. WordPress and PHP to send e-mails.

    Thread Starter Bas T

    (@bas-t)

    It took me a while to find out where to set these options, but I see the standard setting is no php.
    Thanks!

    You are most welcome. Is your question answered? If it is do you still need more help? If you don’t need more help can you mark this support thread as resolved.

    Thank you

    I do suggest you update to version 4.0.45 or higher. I do not include PHPmailer but the plugin can use PHP mail() so I did add a new sanitize function fsc_is_shell_safe to check the email address for shell escape characters just to be on the safe side.

    Thread Starter Bas T

    (@bas-t)

    Great!
    One question left: Most webhosts use Patchman. Mine too. Patchman already forced an autmatic update upon every customer to mend the phpmailer vulnarability. Does your update work well with that one?

    I don’t know anything about patchman.
    I did upgrade FSCF WordPress to 4.0.45
    and I upgraded FSCF PHP to 3.1.4
    So if you run my contact form WordPress or PHP version make sure they are updated.

    Thread Starter Bas T

    (@bas-t)

    Thanks!

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘PHP Mailer vulnerability – is fscf still safe?’ is closed to new replies.