WordPress 6.2.2 Exploit of PHPMailer by spam

  • Hi guys l need some assistance please. I have a WordPress site with word fence installed. Somehow the site is being exploited to send emails by accessing the wp-includes/PHPMailer directly. I have ran scans with Word Fence and the site is clean and contact form 7 db there is no spam emails saved in the database. What else can l do to resolve this issue.

    I did block 3 IP addressed and the exploit stopped for 3 weeks any assistance will be much appreciated.

    All contact forms have captcha codes all up to date

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)

  • Hello,

    these types of exploits could be a security vulnerability of some plugin or theme that you have installed.

    If you are using the free version of WordFence you only get the necessary firewall rules to block these attacks 30 days after discovery.

    You can check if your installed plugins or themes have got known vulnerabilities in the WordFence vulnerabiliy database: https://www.wordfence.com/threat-intel/vulnerabilities/

    Thread Starter tigere

    (@tigere)

    Thank you for the quick response, l will have a look on the plugin list

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘WordPress 6.2.2 Exploit of PHPMailer by spam’ is closed to new replies.