From Wordfence: Attackers Actively Exploiting Sensitive Information Exposure Vulnerability in Gravity SMTP Plugin
The WordPress plugin Gravity SMTP is currently under active, large-scale attack due to a “Sensitive Information Exposure” vulnerability (CVE-2026-4020). The flaw exists in a REST API endpoint that incorrectly…
Why hack my WordPress site?
My site is small, has no users other than me and does not even have eCommerce or an email list. Why would anyone want to hack my simple, little WordPress site?