Gravity SMTP Wordfence Warning

  • jaxy1971

    (@jaxy1971)


    2 days, 4 hours ago

    Hi there all, we should do keep our eyes open when it comes to wordfence as they seams to plant (like in this case) Gravity SMTP that i had removed myself but was highly hammered with and i dont even use the Gravity SMTP at all, but after their email i understood that this was rather a clickbait than anything else. So this made me almost buy their service but now i don’t want it anymore and i know as AI helped me figure it out!

    Be careful guys

    Kind regards, thought for a while that it was a serious plugin.

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Abu Hurarrah

    (@hurairah922)

    1 day, 18 hours ago

    It sounds like you received a security warning about Gravity SMTP and removed the plugin.

    Just to clarify: this does not necessarily mean Wordfence “planted” anything or that the warning was fake. Gravity SMTP did have reported vulnerabilities in older versions, including versions up to 2.1.4.

    If you no longer use Gravity SMTP, removing it was a reasonable step. You may also want to:

    – make sure the plugin is fully deleted, not just deactivated
    – update all other plugins, themes, and WordPress core
    – check your site users for unknown admin accounts
    – rotate any SMTP/API credentials that may have been used with the plugin
    – review your security logs for unusual activity

    If you believe the plugin was installed without your permission, that would be a separate security concern. In that case, check who has admin access to the site and review recent plugin installation activity if logs are available.

Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.