ShapedPlugin Supply Chain Attack Sent Backdoored WordPress Updates to Paying Customers
VPN Central [Unofficial]
June 22, 2026
A supply chain attack on ShapedPlugin’s paid WordPress plugin update system sent backdoored releases to customers who installed updates from the vendor’s official channels. The incident affected several Pro plugins and gave attackers a path to steal credentials, collect site data, and write files remotely on compromised WordPress sites. The issue affected Product Slider Pro […]
The post ShapedPlugin Supply Chain Attack Sent Backdoored WordPress Updates to Paying Customers appeared first on VPN Central.
Discussion in the ATmosphere