Secure Software2 min readJune 19, 2026

Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin

An unauthenticated vulnerability in the Gravity SMTP WordPress plugin, installed on 100,000 sites, is being actively exploited by hackers to disclose sensitive information without requiring any credentials or login. If your organization uses WordPress wit

Read the full article: https://www.bleepingcomputer.com/news/security/hackers-exploit-info-disclosure-bug-in-gravity-smtp-wordpress-plugin/

Could your website be vulnerable to attacks like this?

Run a free 10-point security scan on your site — headers, SSL, DNS, and more. Results in 15 seconds.

Test Your Site Now — It's Free

More Security Insights

Cybersecurity

Why Post-Quantum Cryptography Starts With Credentials

Read Cloud Security

Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse

Read