From Wordfence: Attackers Actively Exploiting Sensitive Information Exposure Vulnerability in Gravity SMTP Plugin

The WordPress plugin Gravity SMTP is currently under active, large-scale attack due to a “Sensitive Information Exposure” vulnerability (CVE-2026-4020). The flaw exists in a REST API endpoint that incorrectly…
Phantom Plugin Update on WordPress
I’ve done all my plugin updates, but I’m still showing that there’s one plugin that needs updating. When I go to Plugins, I don’t see a notice on any of them showing they need to be updated. How can I find out why I’m getting the notification to update a plugin when I don’t see a plugin that needs updating?