{"uuid": "a148d051-c343-4b53-8256-05da3671f23f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3moqmnb5soe2u", "content": "Hackers are exploiting CVE-2026-4020 in Gravity SMTP, a WordPress plugin on 100,000 sites, to expose API keys, secrets, and OAuth tokens via a REST endpoint. #GravitySMTP #CVE20264020 #Wordfence", "creation_timestamp": "2026-06-20T19:45:52.553522Z"}