Vulnerability in jmespath.php | WordPress.org

Resolved timbarkerse
(@timbarkerse)

1 week, 1 day ago

I believe jmespath.php is a dependency of wp-mail-smtp and this currently has a listed vulnerability as specified here: https://www.cve.org/CVERecord?id=CVE-2026-54133

Please could you update the dependency to the latest version. Thank you.

Viewing 1 replies (of 1 total)

Plugin Support Shawon Chowdhury
(@shawon001)

1 week ago

Hi @timbarkerse ,

Thanks for reaching out and reporting this.

Our devs are already aware of this and they will update the dependency in the next release.

Cheers 🙂

Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.

1 reply
2 participants
Last reply from: Shawon Chowdhury
Last activity: 1 week ago
Status: resolved