Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys | HappeningNow.news
Published Date: June 20, 2026

Cybersecurity · 1 views

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites.

Source The Hacker News AI Summary Updated 3h 02m ago
Story intelligence Beta
Freshness Fresh Updated 3h 02m ago
Confidence Limited Single-outlet story
Coverage Single outlet
Views 1 Community interest
Read time 1 min ~50 words

AI Summary

Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites. The vulnerability, tracked as CVE-2026-4020 (CVSS score: 5.3), is a medium-severity information disclosure flaw that can allow unauthenticated attackers to extract sensitive data, such as configuration data, API k…

Read full article on The Hackernews

AI summaries can be wrong sometimes—always verify important details using the source article.

More coverage on this topic

Wordpress24 stories
View all Wordpress coverage
SUPPORT HAPPENINGNOW · Independent AI News Intelligence
SUPPORTER MESSAGE

Enjoyed this article? Consider supporting HappeningNow to help keep independent AI-powered news analysis moving forward. Your contribution helps cover infrastructure, AI summaries, and continued platform development.

Support HappeningNow
Category Cybersecurity
Outlet The Hackernews
Source The Hacker News
Return to Frontpage