Currently I am making feedback contact form without a plugin. Trying not to use plugins if possible. In action .php file there must be written server settings such as SMTP server, SMTP username etc. and eventually SMTP password. As it is not a Gmail, but hosting mailbox, SMTP password and mail password are the same. Says, that sending mail using SMTP is more secure. But if I will write all this data into my .php file insite WordPress platform will it be secure? What is possibility to be this data hacked?