Multiple WordPress plugins from ShapedPlugin were compromised
in a supply chain attack after unknown threat actors managed to
tamper with the official release channels and push backdoor code.
"Attackers compromised the vendor's build and distribution
pipeline, injecting backdoor code into Pro plugin releases
distributed through official licensed update channels," Wordfence
said in an analysis
Read more https://thehackernews.com/2026/06/shapedplugin-wordpress-pro-plugins.html
