News Security ShapedPlugin supply-chain compromise: backdoored Pro updates via official channels (CVE-2026-10735) June 22, 2026 / June 22, 2026 by Alex Mira | Leave a Comment Wordfence and BleepingComputer report a ShapedPlugin supply‑chain compromise that backdoored Pro updates via official channels (CVE-2026-10735). Free repo builds were reported clean. Read more » 2FA CVE-2026-10735 incident response ShapedPlugin Supply chain attack WooCommerce WordPress security
