External Publication
Visit Post

Hackers Exploit Gravity SMTP WordPress Plugin Flaw To Steal Site Configuration Data

VPN Central [Unofficial] June 22, 2026
Source
Hackers are actively exploiting a Gravity SMTP vulnerability that can expose sensitive WordPress site data without requiring a login. The flaw affects Gravity SMTP versions 2.1.4 and older and is fixed in version 2.1.5. The vulnerability is tracked as CVE-2026-4020. According to Wordfence, attackers have been using the bug at scale to pull detailed system […] The post Hackers Exploit Gravity SMTP WordPress Plugin Flaw To Steal Site Configuration Data appeared first on VPN Central.

Discussion in the ATmosphere

Loading comments...