STRIKE
July 7, 2025
Reading Time: 2 minutes
9 Year Old Vulnerability Still Affecting Thousands (CVE-2016-10033)
SecurityScorecard July 7 Advisory
On July 07, 2025, CVE-2016-10033 was added to CISA’s list of Known Exploited Vulnerabilities (CISA-KEV). This vulnerability is a critical vulnerability affecting various versions of PHPMailer, Joomla and WordPress with a CVSS score of 9.8.
- Severity: Critical
- Impact: Severe impact, high likelihood of exploitation
- Action: Immediate action required – apply patches, restrict access, implement emergency security measures.
At the time of this writing, SecurityScorecard’s Attack Surface Intelligence has found 13532 IPs that are vulnerable to this CVE.
The top industries affected by this vulnerability are:
|
Industry |
Count |
|
Information Services |
4155 |
|
Technology |
2580 |
|
Telecommunications |
1983 |
|
Retail |
1692 |
|
Financial Services |
1562 |
|
Manufacturing |
1518 |
|
Technical |
1330 |
|
Education |
1166 |
|
Entertainment |
1086 |
|
Construction |
1042 |
