Mailer Malware

Nick · 23 October 2019 13:18

Afternoon All,

Imunify AV on Plesk is bringing up vulnerability warnings on the PHP mailer from Super Forms

AFAIK this is a false positive and this appears to be a recent development (last 48 hrs) - has anyone experience of such issues?

This site for a friend was the first one flagged: http://allamericanweddingcars.uk/contact/

Public Vulnerabilities

File	Vulnerability
/movie_kit/files/phpmailer/class.phpmailer.php	RCE : CVE-2016-10045, CVE-2016-10031
/contact-nick/files/phpmailer/class.phpmailer.php	RCE : CVE-2016-10045, CVE-2016-10031
/admin/index_files/stacks_in_1008_page29_phpmailer.php	RCE : CVE-2016-10045, CVE-2016-10031

Nick · 31 October 2019 22:07

Respect to Jon from 1litledesigner - he replied immediately and suggested I used the ’alternative mailer’ option in Super Forms - instantly the problem was solved.

Looking at the bigger picture the vulnerability in the php mailer script is due to an incorrectly applied patch in the original source code, not the fault of any of the RW developers!