Public Vulnerability notification – false alarm?
I’ve been notified by an anti-malware service that BuddyPress is using a vulnerable version of PHP Mailer, indicating the below file:
and referencing the below CVE’s:
RCE : CVE-2016-10045, CVE-2016-10031
Can you confirm if this is a false alarm so I can bring this to the attention of the anti-malware developers.
- You must be logged in to reply to this topic.