wp-mail.php in WordPress prior to 4.7.1 might allow remote malicious users to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wordpress wordpress |