Since the wp_mail() function doesn’t clear the $phpmailer->AltBody attribute and uses the same $phpmailer object repetitively, it is necessary to clear any data that may have been stored in the attribute from previous wp_mail() calls.
This vulnerability affects the following application versions:
- Contact Form 7 4.4
- Contact Form 7 4.4.1
- Contact Form 7 4.4.2
- Contact Form 7 4.5
- Contact Form 7 4.5.1
- Contact Form 7 4.6
- Contact Form 7 4.6.1
- Contact Form 7 4.7
- Contact Form 7 4.8