TECH NEWS

Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data

Threat actors are exploiting a medium-severity vulnerability in the Gravity SMTP WordPress plugin to steal complete system details, Defiant warns.

Gravity SMTP for WordPress is an email deliverability plugin that integrates with multiple SMTP providers and API-based services to allow admins to send and track emails directly from their websites.

All plugin iterations before version 2.1.5 are affected by a sensitive information exposure vulnerability tracked as CVE-2026-4020 (CVSS score of 5.3) that has been exploited in the wild since early May.

The issue impacts a REST API endpoint that unconditionally returns true, thus becoming accessible to any unauthenticated user. If a specific parameter is appended to a query, the endpoint returns internal connector data in JSON format.

The data contains the full system report, including configuration data such as PHP and WordPress version, loaded extensions, web server details, document root path, database details, active plugins and theme, WordPress configuration details,...

Copyright of this story solely belongs to securityweek.com. To see the full text click HERE

https://cdn.mos.cms.futurecdn.net/JwLurScLiFtAK934GLVoB3-1920-80.jpg

I can’t game without every piece of this glorious gear — here are my fave accessories this Prime Day whether I’m playing Xbox Series X or Nintendo Switch 2

As a gaming gadget reviewer, there's a roster of gaming gear I rely on literally every day. So if you're looking for some recommendations for products to upgrade your gaming setup this Prime Day, I've got plenty of tips for you! • View the full

https://cdn.mos.cms.futurecdn.net/rt9ZSJQtTjcjdtZaRzWXqC-2000-80.jpg

This LifeLock Total deal is better than anything you'll find in the Amazon Prime Day sales — 'meticulously crafted, user-friendly' identity theft protection

Identity theft is the number one crime in America, and when it comes to Prime Day sales the crooks are always looking to entice you with too-good-to-be-true deals to steal your financial info, ruin your credit score, and steal your identity. But right now, LifeLock total is just $29.17/

https://cdn.mos.cms.futurecdn.net/MvYnXzQ3BeGpfEbzNcH6fZ-1920-80.jpg

The Coalition says Active Reload is an 'iconic feature' that has been updated for Gears of War: E-Day, and some weapons also have 'additional reload mechanics'

* The Coalition studio creative director Matt Searcy says Active Reload is an "iconic" part of the Gears of War series * He explains that the team moved the mechanic to the middle of the screen in E-Day because "it feels better" * Searcy adds that players can learn

https://cdn.mos.cms.futurecdn.net/g9kFEWWNSvF9twQLD6jBqb-1920-80.jpg

This wild DJI Pocket clone with a built-in fan is the crossover I desperately need today — but these are the top vlogging cameras I actually recommend as a camera expert

In a product crossover nobody expected, the Philippines-based brand Goojodoq has launched a 2-in-1 DJI Pocket-style vlogging camera with a fan, which costs around $25 / £20. It's a device that I seriously need right now, and I can thank filmmaker Philip Bloom for bringing it to my attention.

Read more

I can&rsquo;t game without every piece of this glorious gear &mdash; here are my fave accessories this Prime Day whether I&rsquo;m playing Xbox Series X or Nintendo Switch 2

This LifeLock Total deal is better than anything you'll find in the Amazon Prime Day sales &mdash; 'meticulously crafted, user-friendly' identity theft protection

The Coalition says Active Reload is an 'iconic feature' that has been updated for Gears of War: E-Day, and some weapons also have 'additional reload mechanics'

This wild DJI Pocket clone with a built-in fan is the crossover I desperately need today &mdash; but these are the top vlogging cameras I actually recommend as a camera expert

I can’t game without every piece of this glorious gear — here are my fave accessories this Prime Day whether I’m playing Xbox Series X or Nintendo Switch 2

This LifeLock Total deal is better than anything you'll find in the Amazon Prime Day sales — 'meticulously crafted, user-friendly' identity theft protection

This wild DJI Pocket clone with a built-in fan is the crossover I desperately need today — but these are the top vlogging cameras I actually recommend as a camera expert