CVE-2026-4020 | RocketGenius Gravity SMTP Plugin up to 2.1.4 on WordPress REST API Endpoint mock-data register_connector_data Query information disclosure

A vulnerability classified as problematic has been found in RocketGenius Gravity SMTP Plugin up to 2.1.4 on WordPress. This impacts the function register_connector_data of the file /wp-json/gravitysmtp/v1/tests/mock-data of the component REST API Endpoint. Performing a manipulation of the argument Query results in information disclosure.

This vulnerability is reported as CVE-2026-4020. The attack is possible to be carried out remotely. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More