Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin
BleepingComputer [Unofficial]
June 19, 2026
Threat actors are exploiting an unauthenticated information disclosure vulnerability in the WordPress plugin Gravity SMTP, active on 100,000 sites. [...]
Discussion in the ATmosphere