BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

WordPress Gravity SMTP Bug Exploited, API Keys Stolen

WordPress plugin flaw exposes API keys on 100,000 sites; update and rotate credentials now.

  • A WordPress plugin flaw exposes API keys and system data on roughly 100,000 sites.
  • The vulnerability allows unauthenticated attackers to harvest credentials for email services.
  • Over 17 million exploit attempts have been blocked by Wordfence since May 2026.
  • Site owners must update the Gravity SMTP plugin and rotate all compromised credentials immediately.

Threat actors are actively exploiting a medium-severity vulnerability in the Gravity SMTP WordPress plugin, installed on approximately 100,000 websites, to steal sensitive configuration data and API keys. The flaw, tracked as CVE-2026-4020, was disclosed on June 20, 2026, and allows attackers to access internal system reports without authentication.

- Advertisement -

This vulnerability exists because a specific REST API endpoint lacks proper access controls, according to a report by Wordfence. Consequently, unauthenticated requests can return nearly 365 KB of JSON data containing a full site system report.

The exposed information includes PHP version, database details, active plugins, and live third-party API keys for services like Amazon SES and Google. Attackers can then abuse these credentials to send emails from the compromised site and gather intelligence for further attacks.

Wordfence has blocked more than 17 million exploit attempts targeting this vulnerability to date. Initial activity began in early May 2026 before spiking dramatically in June, reaching over 4 million requests in a single day.

The attacks originate from a list of specific IP addresses, including 45.148.10.95 and 185.8.107.155. Meanwhile, a patch for the issue is available in Gravity SMTP version 2.1.5.

- Advertisement -

Site owners using vulnerable versions must update the plugin immediately and assume their connected credentials are compromised. They should also rotate all exposed API keys and OAuth tokens configured for the plugin’s email integrations.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

IMF: Dollar stablecoins may amplify currency runs in fixed-rate economies

An IMF working paper by economist Brandon Joel Tan models how dollar stablecoins improve...

Japan Plans to Legalize Cryptocurrency ETFs, Minister Says

Japanese Finance Minister Satsuki Katayama announced plans to legalize cryptocurrency ETFs.ETFs let investors gain...

Robinhood enables AI agents for crypto trades in US

Robinhood will allow eligible US crypto traders to connect third-party AI agents for autonomous...

Musk directs Tesla to adopt Grok 4.5 for lower token costs

Elon Musk directed Tesla staff to adopt xAI's Grok 4.5, citing lower token costs...

Bitcoin Surges to $65K Amid Multiple Bullish Catalysts

Bitcoin rallied above $64,600 on July 10, climbing more than 15% from its July...

Must Read

7 Best Cryptocurrency Lending Platforms in 2025 (Ranked & Reviewed)

QUICK LINKSOur MethodologyHow to Choose the Best Crypto Lending Platform: Key Factors to ConsiderIn-Depth Reviews of the 7 Best Crypto Lending Platforms1. Nexo -...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading