SECURITYBLEEPING COMPUTER
Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin
Hackers are exploiting an unauthenticated information disclosure vulnerability in the Gravity SMTP WordPress plugin, which is active on 100,000 sites. The vulnerability allows threat actors to access sensitive data without authentication.
Mentioned
Related Signal
Adjacent reporting
- Avada Builder WordPress plugin flaws allow site credential theft
- Funnel Builder WordPress plugin bug exploited to steal credit cards
- Hackers exploit critical flaw in Ninja Forms WordPress plugin
- Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
- Hackers exploit file upload bug in Breeze Cache WordPress plugin