Description
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender.
Remediation
References
Related Vulnerabilities
WordPress Plugin File Manager Unspecified Vulnerability (4.1.4)
qdPM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2020-26165)
WordPress Plugin wpShopGermany Free Arbitrary File Upload (4.0.10)
MySQL CVE-2014-2450 Vulnerability (CVE-2014-2450)
WordPress Plugin Import any XML or CSV File to WordPress Arbitrary File Upload (3.2.3)