Shared from twixb · thehackernews.com

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

thehackernews.com·Jun 20, 2026

Hackers are exploiting a vulnerability in the Gravity SMTP WordPress plugin, allowing them to expose sensitive API keys. This highlights ongoing security risks in web applications and the importance of addressing software vulnerabilities.

The article highlights the exploitation of a vulnerability in the Gravity SMTP WordPress plugin, which exposes API keys, demonstrating the critical need for continuous monitoring and patch management of third-party plugins within your web infrastructure. For cybersecurity professionals, this underscores the importance of regularly updating and auditing plugins to prevent unauthorized access and potential breaches. Consider integrating automated vulnerability scanning solutions to identify and mitigate such risks promptly.

Want more content like this?

twixb tracks your favorite blogs and social media, filters by keywords, and delivers personalized key learnings — straight to your inbox.

Create Your Own →Explore Newsfeeds

More from Cybersecurity News

Recent stories curated alongside this one.

Browse all Cybersecurity News →

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Want more content like this?

More from Cybersecurity News

New Prinz Eugen ransomware prioritizes recent files for encryption

From PGP to Mythos: a brief history of export controls that didn’t stop anyone

Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

Texas govt data breach exposes over 3 million driver’s licenses