{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreietpli3bevqqgyy2s5tywgslydv6grz4etxkwbr4d7bu7q3qwjlbq",
"uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3moppnb5u3j32"
},
"coverImage": {
"$type": "blob",
"ref": {
"$link": "bafkreibnyycdx4gzsfy3kggamduhu6y2tn2owrkd2scycx35sb6fq5zjta"
},
"mimeType": "image/jpeg",
"size": 315896
},
"path": "/2026/06/hackers-exploit-gravity-smtp-wordpress.html",
"publishedAt": "2026-06-20T09:56:04.000Z",
"site": "https://thehackernews.com",
"textContent": "Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites.\n\nThe vulnerability, tracked as CVE-2026-4020 (CVSS score: 5.3), is a medium-severity information disclosure flaw that can allow unauthenticated attackers to extract sensitive data, such as configuration data, API keys, secrets, and OAuth tokens",
"title": "Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys"
}