phpmailer/phpmailer vulnerabilities

PHPMailer is a full-featured email creation and transfer class for PHP

Latest version: v6.0.7

Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the phpmailer/phpmailer package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable versions Snyk patch Published
  • H
Arbitrary Object injection
>=5.0.0, <5.2.27,>=6.0.0, <6.0.6 Not available 19 Nov, 2018
  • M
Cross-site Scripting (XSS)
<5.2.24 Not available 26 Jul, 2017
  • H
Arbitrary Code Execution
<5.2.20 Not available 28 Dec, 2016
  • H
Arbitrary Code Execution
<5.2.18 Not available 23 Dec, 2016
  • M
Arbitrary File Disclosure
<5.2.22 Not available 06 Jan, 2016
  • M
CRLF Injection
<5.2.14 Not available 01 Nov, 2015