Skip to main content
RuntimeRebel
← All Articles

Tag

#CVE-2026-4020

1 article

Advertisement

CVE-2026-4020: Gravity SMTP Exploit Exposes WordPress API Keys
MEDIUM
Vulnerabilities

CVE-2026-4020: Gravity SMTP Exploit Exposes WordPress API Keys

Unauthenticated attackers are exploiting CVE-2026-4020 in the Gravity SMTP WordPress plugin to extract API keys, secrets, and OAuth tokens from 100,000 sites.

Runtime Rebel Intel
3 min read·Jun 20, 2026