Gravity SMTP CVE-2026-4020: API keys leaked, 17M exploit attempts
Wordfence blocked 17M attempts at the unauth REST endpoint that dumps Gravity SMTP's full System Report — live API keys and OAuth tokens included. Patch is 2.1.5.
Wordfence blocked 17M attempts at the unauth REST endpoint that dumps Gravity SMTP's full System Report — live API keys and OAuth tokens included. Patch is 2.1.5.