Advertisement
MEDIUM
Vulnerabilities
CVE-2026-4020: Gravity SMTP Exploit Exposes WordPress API Keys
Unauthenticated attackers are exploiting CVE-2026-4020 in the Gravity SMTP WordPress plugin to extract API keys, secrets, and OAuth tokens from 100,000 sites.
Runtime Rebel Intel
3 min read·Jun 20, 2026
VU
HIGH
Vulnerabilities
CVE-2024-49403: Gravity SMTP Information Disclosure Patch Guidance
Exploitation of CVE-2024-49403 in the Gravity SMTP WordPress plugin allows unauthenticated actors to steal SMTP credentials. Learn how to secure your site now.
Runtime Rebel Intel
3 min read·Jun 20, 2026