Critical Vulnerability in PHPMailer. Affects WP Core

A critical remote code execution vulnerability in PHPMailer has been discovered by Polish researcher Dawid Golunski.

The vulnerability was announced on yesterday but proof of concept exploit details were not included.

Unfortunately someone posted a proof of concept to exploit-db and to github demonstrating how the vulnerability can be exploited in the PHPMailer library, but not targeting any web application that is in use.