Adds configurable privacy options for member directories, allowing restrictions on visibility based on roles or login status. Introduces rate limiting for unauthenticated AJAX requests to prevent brute-force attacks or abuse.
Previously, requests on license validation did not adequately handle empty responses or WP errors. This update ensures retries are performed with `sslverify=true` in such cases and enhances debug logging to provide clearer error details for troubleshooting.
Introduced a new method `is_license_debug_enabled` to check debug conditions and added extensive logging for license requests when debugging is enabled. A new constant `UM_LICENSE_REQUEST_DEBUG` was also defined to control debug mode. These changes enhance visibility into license request handling during development or troubleshooting.
Updated logic to handle the 'predefined' field flag when determining default page creation. This ensures buttons for creating default pages only appear under the correct conditions, improving reliability and consistency.
Updated the structure of debug information methods by replacing `array_merge` with simpler array extensions and renaming variables for clarity. This ensures consistent handling of role metadata and improves readability and maintainability of code across multiple plugins.
Added a mechanism to dynamically retrieve and merge updated WordPress function lists into the blacklist to prevent unsafe usage in dropdown options. Addresses a security issue (CVE-2025-47691) by using a JSON-based function source tied to WordPress versioning.
This update enhances security by introducing checks for banned and blacklisted meta keys in custom fields. It includes CSS updates for admin builder styles and ensures banned fields are flagged accurately in the site health tool.
Introduced a new batch process to handle users lacking an `account_status` meta efficiently. Refactored legacy methods, added async scheduling, and created helper functions to manage and track progress. These changes improve performance and reliability for large user bases.
Updated the setting name across relevant files to improve clarity and better reflect its functionality. Adjusted related logic to ensure consistent behavior with the new naming.
Updated the Action Scheduler implementation to improve flexibility and clarity. Replaced the 'enable_action_scheduler' option with 'enable_as_email_sending' for better specificity. Introduced hook-based checks to selectively enable email scheduling, ensuring compatibility and optimized performance.
Added comments to clarify the usage of meta keys introduced in WooCommerce 9.1.0 and marked TODOs for future cleanup. Also included a legacy key, `_money_spent`, for backward compatibility with WooCommerce versions below 9.1.0.
Replaced deprecated and complex search query methods with a more streamlined and flexible implementation. Introduced improved handling of core and custom search fields, optimized search logic, and added better filter support. Incremented plugin version to 2.10.2 to reflect these changes.
* updated filters by status, avoid slow queries for getting users count;
* updated bulk-actions for changing statuses (moved to WP native dropdown)
* separate handlers for changing user statuses on wp-admin and frontend (partially implemented);
* created class UM()->common()->users() to handle user statuses in more clear format;
* deprecated old hooks and old functions
Mykyta Synelnikov