Gravity SMTP plugin has CVE-2026-4020. API keys, secrets, OAuth tokens exposed to unauthenticated visitors. 100K+ sites affected.
Fix: Update or deactivate Gravity SMTP plugin.
Source: Wordfence, The Hacker News (June 20, 2026)
Support: https://www.buymeacoffee.com/muhamedfazalps
Gravity SMTP plugin has CVE-2026-4020. API keys, secrets, OAuth tokens exposed to unauthenticated visitors. 100K+ sites affected.
Fix: Update or deactivate Gravity SMTP plugin.
Source: Wordfence, The Hacker News (June 20, 2026)
Support: https://www.buymeacoffee.com/muhamedfazalps