What is the size of this file exactly? Is the date the same as class.smtp.php ? it should be 119.881 (before you update)

Update to latest version -> 16.3.1

It could also be that your server password (ftp password) is hacked, change it and upload again fully. (best is to make server totally empty)

Hi Andre E.

Thank You for your reply, I am using 16.2.1 and will update now to 16.3.1 and test again.

I checked the date and file size as you suggested and they are the same as your info, date same, file size 119.881.

My hosting ISP has requested the following, can you assist with this please.

I will once again add a TEMPORARY lift on this file. In order to add a permanent exception we require written confirmation from the developer stating that the file is not vulnerable and a checksum of the non-vulnerable file wich will be compared to the checksum of your files.

The version of the file you are using is 5.2.9 and you need at least version 5.2.18.

You may read this (amongst other articles) https://www.fortinet.com/blog/threat-research/analysis-of-phpmailer-remote-code-execution-vulnerability-cve-2016-10033.html

Adrian,
I will ask Incomedia to respond, because I can't give a qwritten confirmation statement. But I am sure it's save if the checksum is correct.

Best Regards,

Hi Adrian.

I thank you for reporting this to us.

I proceeded to notifying the developers of this, so that they can look further into it and analyze the situation properly.

For now, I can only suggest you currently ask your provider to keep the file unlocked, and I will be sure to notify you here as soon as news on this particular matter is available

Thank you again for your feedback

Stefano