WP PHPMailer Vulnerability

  • Resolved livingflame

    (@livingflame)


    7 years, 4 months ago

    WordPress Sending Mail to Junk / PHPMailer 5.2.22 Vulnerability

    Username and Path Disclosure.

    When you send an email from your WordPress Site, go to Junk or Spam Folder.
    If View Message Source (Hotmail, Gmail…) you obtain:

    Received: from hostname1234.yourhost.com

    Received: from your-hosting-username by hostname1234.yourhost.com

    X-AntiAbuse: Primary Hostname – hostname1234.yourhost.com

    X-Source-Args: /opt/php70/bin… /your full path disclosure / admin-ajax.php

    X-Source-Auth: your-hosting-username

    SOLUTION?

    @mmaunder

    • This topic was modified 7 years, 4 months ago by livingflame.
Viewing 1 replies (of 1 total)

  • Hi,
    You will have to contact your web host to get help regarding how to hide these email headers (X-AntiAbuse, X-Source-Auth and X-Source-Args). I’m afraid there is no much you can do about that if you are on a shared hosting plan.

    Thanks.

Viewing 1 replies (of 1 total)
  • The topic ‘WP PHPMailer Vulnerability’ is closed to new replies.

Tags