CVE-2016-10045 log

Source
Severity High
Remote Yes
Type Arbitrary code execution
Description
It has been discovered that the first patch of the vulnerability CVE-2016-10033 in PHPMailer was incomplete and could potentially still be used by unauthenticated remote attackers to achieve remote arbitrary code execution in the context of the web server user and remotely compromise the target web application. This issue can be triggered by passing a maliciously crafted expression to the vulnerable application.
Group Package Affected Fixed Severity Status Ticket
AVG-142 wordpress 4.7-1 4.7.1-1 High Fixed FS#52555
Date Advisory Group Package Severity Type
15 Jan 2017 ASA-201701-22 AVG-142 wordpress High multiple issues
References
https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10045-Vuln-Patch-Bypass.html