On May 3, 2017, the open-source CMS software WordPress was revealed to have multiple vulnerabilities, one of which can be remotely exploited to run arbitrary code and obtain service permissions.
See the following for more information about the vulnerability.
WordPress unauthorized remote code execution vulnerability
The vulnerability exists in the widely used PHPMailer mail() function. A remote attacker can run the constructed malicious code over PHPMailer enabled by default to trigger the vulnerability without logon and obtain system permissions.
Condition and method of exploitation
The system runs on Exim4. A remote attacker can directly exploit the vulnerability.
- WordPress < 4.7.1
- PHPMailer < 5.2.20
Systems using Nginx as middleware are not affected by this vulnerability.
Check whether any affected versions of WordPress and PHPMailer are used. You can open the
wordpress/wp-includes/class-php-mailer.php file to view the PHPMailer version.
How to fix or mitigate
If you use Apache, you can specify ServerName as your website domain name and enable Apache’s UseCanonicalName function to avoid the risk.