ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack

"Prevention is cheaper than a breach"

Multiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack after unknown threat actors managed to tamper with the official release channels and push backdoor code.

“Attackers compromised the vendor’s build and distribution pipeline, injecting backdoor code into Pro plugin releases distributed through official licensed update channels,” Wordfence said in an analysis

Scroll to top