THREAT OPS › Threat News › Attackers Actively Exploiting Sensitive Information Exposure Vulnerability in Gravity SMTP Plugin
Attackers Actively Exploiting Sensitive Information Exposure Vulnerability in Gravity SMTP Plugin
<p>On March 30th, 2026, we publicly disclosed a Sensitive Information Exposure vulnerability in <a href="https://www.gravityforms.com/gravity-smtp/" rel="noopener" target="_blank">Gravity SMTP</a>, a WordPress plugin with an estimated 100,000 active installations. This vulnerability can be leveraged by unauthenticated attackers to retrieve detailed system configuration data and, critically, any AP
MITRE ATT&CK techniques
Indicators of compromise
- ed1755942aa6cb7ca0583880be85d3b3md5
- CVE-2026-4020cve
- https://www.gravityforms.com/gravity-smtp/url
- https://www.cve.org/CVERecord?id=CVE-2026-4020url
- 131.0.0.0ipv4
- 45.148.10.95ipv4
- 193.32.162.60ipv4
- 176.65.148.139ipv4
- 173.199.90.188ipv4
- 45.148.10.120ipv4
- 185.8.107.155ipv4
- 185.8.106.37ipv4
- 185.8.106.92ipv4
- 185.8.106.145ipv4
- 176.65.148.30ipv4
- www.gravatar.comdomain