CVE-2016-10045 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Arbitrary code execution
Description	It has been discovered that the first patch of the vulnerability CVE-2016-10033 in PHPMailer was incomplete and could potentially still be used by unauthenticated remote attackers to achieve remote arbitrary code execution in the context of the web server user and remotely compromise the target web application. This issue can be triggered by passing a maliciously crafted expression to the vulnerable application.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-142	wordpress	4.7-1	4.7.1-1	High	Fixed	FS#52555

Date	Advisory	Group	Package	Severity	Type
15 Jan 2017	ASA-201701-22	AVG-142	wordpress	High	multiple issues

References
https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10045-Vuln-Patch-Bypass.html