Vulnerability in WordPress Plugin Actively Exploited to Steal API Keys
A medium-severity flaw in the Gravity SMTP WordPress plugin is being actively exploited by threat actors. This vulnerability allows unauthorized access to sensitive data, including API keys and OAuth tokens, on approximately 100,000 affected websites. Users are strongly advised to update the plugin to version 2.1.5 immediately and rotate any compromised credentials.
Want more?
Open NewsSnap.ai for the full app experience, including audio, personalization, and more news tools.