Threat actors are actively exploiting a critical security flaw in the widely used Gravity SMTP WordPress plugin to extract sensitive configuration data, including API keys and authentication tokens. The vulnerability, tracked as CVE-2026-4020 with a CVSS score of 5.3, affects all versions up to and including 2.1.4 and exposes more than 100,000 websites to potential […]
The post Hackers Exploit WordPress SMTP Plugin With 100,000+ Installs to Steal Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Read the original article: