Back to Blog

#Information Disclosure

1 posts
Gravity SMTP bug turns WordPress email settings into an attacker map
vulnerability
CVE
WordPress Security

Gravity SMTP bug turns WordPress email settings into an attacker map

Gravity SMTP bug turns WordPress email settings into an attacker map Attackers are actively exploiting CVE-2026-4020, a Gravity SMTP [vulnerability](https://inv...

June 21, 2026
5 min read
Lucas Oliveira

Tags

Authentication Bypass
11
AI Security
9
Account Takeover
7
Active Exploitation
4
Access Control
3
API Security
3
Application Security
3
Authentication Tokens
3
Artificial Intelligence
2
AWS
2