Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin

Summary

Attackers are actively exploiting an unauthenticated information disclosure vulnerability within the Gravity SMTP WordPress plugin, which is installed on over 100,000 websites. The vulnerability allows threat actors to access sensitive information without proper authentication. Security researchers are urging users to update the plugin to the latest version as soon as possible to mitigate the risk.

IFF Assessment

FOE

The exploitation of a vulnerability in a widely used WordPress plugin by threat actors poses a direct risk to website security and data integrity.

Severity

7.5 High (AI Estimated)

The estimated CVSS score of 7.5 (High) reflects that the flaw is unauthenticated and remotely exploitable without any user interaction. Because the disclosed information can be used to stage further attacks or steal data, the primary impact is to confidentiality.

Defender Context

This incident highlights the ongoing risks associated with unpatched WordPress plugins and the importance of promptly applying security updates. Defenders should prioritize auditing their WordPress installations for vulnerable plugins and consider implementing Web Application Firewalls (WAFs) with rules to detect and block exploits targeting known plugin vulnerabilities.
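One concrete way to do the audit the paragraph above recommends is to read the standard WordPress plugin header (the `Plugin Name:` and `Version:` fields in each plugin's main PHP file) and flag any plugin installed below a known-fixed version. The script below is an added example, not code from the article or from the plugin vendor; the directory slug `gravitysmtp` is assumed, the fixed version is a placeholder because the article does not state it, and the sample plugin tree it builds is constructed inline so the script runs offline.

```python
"""Audit a wp-content/plugins directory for plugins below a known-fixed version.

Added example (not from the original article). The header format it parses is
the standard WordPress plugin header block; WordPress itself only reads the
first 8 KiB of a plugin's main file for it, and so does this script.
"""
import os
import re
import tempfile

# Matches header lines such as " * Plugin Name: Gravity SMTP" or " * Version: 1.2.3".
HEADER_FIELD = re.compile(r"^\s*\*?\s*(Plugin Name|Version):\s*(.+?)\s*$", re.MULTILINE)


def parse_version(v):
    """Turn '1.2.10' into (1, 2, 10) so comparisons are numeric, not lexical."""
    return tuple(int(p) for p in re.findall(r"\d+", v))


def read_plugin_header(path):
    """Return {'Plugin Name': ..., 'Version': ...} parsed from a plugin PHP file."""
    with open(path, encoding="utf-8", errors="replace") as fh:
        head = fh.read(8192)
    return {field: value for field, value in HEADER_FIELD.findall(head)}


def audit_plugins(plugins_dir, fixed_versions):
    """Return (slug, name, installed, fixed) for each plugin in fixed_versions
    whose installed version is older than the fixed version."""
    findings = []
    for slug in sorted(os.listdir(plugins_dir)):
        plugin_dir = os.path.join(plugins_dir, slug)
        if not os.path.isdir(plugin_dir) or slug not in fixed_versions:
            continue
        # The main file is whichever top-level .php file carries the header.
        for fname in sorted(os.listdir(plugin_dir)):
            if not fname.endswith(".php"):
                continue
            header = read_plugin_header(os.path.join(plugin_dir, fname))
            if "Plugin Name" in header and "Version" in header:
                installed, fixed = header["Version"], fixed_versions[slug]
                if parse_version(installed) < parse_version(fixed):
                    findings.append((slug, header["Plugin Name"], installed, fixed))
                break
    return findings


def build_sample_tree():
    """Constructed sample plugin tree: two plugins, one below the placeholder fix."""
    root = tempfile.mkdtemp()
    sample = {
        "gravitysmtp": ("Gravity SMTP", "1.0.0"),  # slug assumed, version constructed
        "hello-dolly": ("Hello Dolly", "1.7.2"),
    }
    for slug, (name, version) in sample.items():
        os.makedirs(os.path.join(root, slug))
        with open(os.path.join(root, slug, slug + ".php"), "w", encoding="utf-8") as fh:
            fh.write(f"<?php\n/**\n * Plugin Name: {name}\n * Version: {version}\n */\n")
    return root


# PLACEHOLDER: the article does not state the patched version. Replace with the
# fixed version from the vendor's changelog before running against a real site.
FIXED_VERSIONS = {"gravitysmtp": "9.9.9"}

if __name__ == "__main__":
    # On a live host, pass the real path, e.g. /var/www/html/wp-content/plugins.
    for slug, name, installed, fixed in audit_plugins(build_sample_tree(), FIXED_VERSIONS):
        print(f"UPDATE NEEDED: {name} ({slug}) installed {installed} < fixed {fixed}")
```

Numeric version tuples matter here: a string comparison would rank `1.10.0` below `1.9.9` and miss an outdated install. Pair the output with a WAF rule for the plugin's exposed endpoint only as a stopgap; the durable fix remains applying the update.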