UPDATE: 28 DEC 2016 - Critical security update for CVE-2016-10045 please update again ASAP. This is in addition to CVE-2016-10033 as fixed in 5.2.18. You should update to 5.2.20 at a minimum.
Vulnerability: PHPMailer ">Patch...now. This is a very popular application, left unpatched it will be exploited.
Finder: Dawid Golunski (@dawid_golunski), https://legalhackers.com
PHPMailer
Probably the worlds most popular code for sending email from PHP!
Used by many open-source projects: WordPress, Drupal, 1CRM, SugarCRM, Yii, Joomla! and many more">|">@holisticinfosec