TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

By rooter

Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that’s installed on about 100,000 sites.

The vulnerability, tracked as CVE-2026-4020 (CVSS score: 5.3), is a medium-severity information disclosure flaw that can allow unauthenticated attackers to extract sensitive data, such as configuration data, API keys, secrets, and OAuth tokens

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

Cielo vs Nansen vs Arkham: Which Wallet Tracker Pairs Best With a Telegram Trading Bot?

rooter
Cyber Security

Innovator Spotlight: Ensemble

rooter
Cyber Security

Innovator Spotlight: Centrii

rooter

Leave a Reply

You Missed

News

China’s Ministry of State Security Accuses ‘Spy Turtles and Spy Fish’ of Stealing Sensitive Marine Data

News

Toy Story has the right take on tech

Cyber Security

Cielo vs Nansen vs Arkham: Which Wallet Tracker Pairs Best With a Telegram Trading Bot?

News

Everyday Robovac Champions—Roborock Qrevo S Pro & QV 35A Head to Head