diamondtheta

ok ??

Maybe the vulneraility was in the export-import function what you have removed in 1.5.2.

Yes, for the latest version I found out that WP toolkit also writes that it is ok.

And https://patchstack.com/database/vulnerability/easy-wp-smtp/wordpress-easy-wp-smtp-plugin-1-5-1-auth-remote-code-execution-rce-vulnerability?_a_id=110

wrote: “This vulnerability has been fixed in version 1.5.2. ” ??
Thanks!

I updated to 1.5.2, but in the 1.5.2 changelog you do not wrote any vulnerability fix ??

And I don’t know how WP toolkit works, so I don’t know how can I force WP toolkit to check it again ??

Do you?

Maybe it only checks once a month automatically or they send it manually after manual cheks, don’t know ??

So you too do not know what was WP toolkit discovered exactly? ??

WP toolkit is surely not in my wordpress (so it is not a wordpress plugin of mine), and it seems to be a cPanel extension from my host, because it surely have been sent from my hosts email with cpanel logo. This is why I am not familiar with it ??

Ok, thanks!
Yes I have updated the WP core and theme and plugins also yesterday, but have read that wp-load.php loads all important files, also password containing config php, etc. so did not knew that this “access” was a ‘FULL access’ or just a trying, but then it must be a trying ??
Thanks!