CVE-2026-4020 is a vulnerability tracked across 1 threat cluster and 2 intelligence report mentions on ThreatCluster. First observed June 17, 2026; most recent activity June 21, 2026.
CVE-2026-4020 is an information disclosure vulnerability in the Gravity SMTP WordPress plugin, published on March 31, 2026. The flaw allows unauthenticated visitors to access sensitive system reports, including SMTP…