Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

The Hacker News·20. Juni 2026, 09:56

Originalartikel lesen bei The Hacker News

Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites. The vulnerability, tracked as CVE-2026-4020 (CVSS score: 5.3), is a medium-severity information disclosure flaw that can allow unauthenticated attackers...

Vollständigen Artikel lesen bei The Hacker News

Verwandte Artikel

Klue OAuth breach victim list grows as Icarus hackers claim attack

BleepingComputer·vor etwa 15 Stunden

Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin

BleepingComputer·vor etwa 17 Stunden

Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

The Hacker News·vor etwa 19 Stunden

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

The Hacker News·vor etwa 19 Stunden

Texas govt data breach exposes over 3 million driver’s licenses

BleepingComputer·vor etwa 21 Stunden