Updated the structure of debug information methods by replacing `array_merge` with simpler array extensions and renaming variables for clarity. This ensures consistent handling of role metadata and improves readability and maintainability of code across multiple plugins.
This update adds a condition to exclude empty `meta_value` entries in multiple queries within the member directory class. It ensures more accurate results and prevents potential issues caused by blank metadata in the `usermeta` table.
Document enhancements, bug fixes, and template update for v2.10.5, including new filter hooks, email placeholder fixes, and Action Scheduler updates. Highlight required cache flush and asset regeneration post-update.
Added checks to enforce primary email requirement and prevent secondary email duplication with the primary email. Improved user lookup for unique email verification using meta queries.
Introduces a mechanism to temporarily switch user context with `um_fetch_user` only when necessary, avoiding unintended user data overwrites. Ensures previous user context is restored after async email actions are triggered. This prevents potential conflicts in scenarios involving concurrent user operations.
Bump plugin version to 2.10.5 and update stable tag in readme. Upgraded Action Scheduler dependency to version 3.9.2 to address library errors. Added filter hooks for primary button classes and improved deactivation logic for better scheduling handling.
Introduced new filters to customize CSS classes for primary buttons in login, registration, and password reset forms. This allows developers to extend button styling by applying custom classes via WordPress hooks. Changes enhance flexibility and improve theme compatibility.
The login form shortcode functionality was outdated and no longer in use. By removing it, the codebase is simplified and unnecessary complexity is eliminated. This improves maintainability and aligns with the current state of the plugin.
Introduce the `[um_login]` shortcode for rendering the login form, with backend logic for customization and error handling. Enhance flexibility by adding filters to dynamically modify primary button classes for login, register, and password-reset forms.
Introduced a new `UM_Stripe_API` method in the `UM` class to extend functionality. Also added license metadata (GPLv3) and its URI in the plugin headers for better clarity and compliance.
Updated the deactivation process to properly un-schedule Action Scheduler actions, ensuring cleaner plugin behavior and preventing potential issues with lingering tasks. This change improves overall maintainability and stability.
Made the `deactivation` method public and added calls to unschedule specific actions related to email dispatch and account status checks. This ensures proper cleanup of scheduled tasks during plugin deactivation.
Streamline placeholder handling for emails by introducing universal patterns and replacements, and update email dispatch functions for efficiency. Deprecated various redundant user and password-related methods, consolidating logic into common utility classes for better maintainability.
Addressed CVE-2025-47691 by updating the dynamic blacklist logic using WordPress functions. Fixed bugs related to Action Scheduler, password reset functionality, and email change settings for user accounts, ensuring better role compatibility. Updated version to 2.10.4.
Simplified conditional checks for password and account form submissions by replacing `isset` with `!empty` where applicable. This improves readability and reduces redundancy while maintaining functionality and security. Added comments to clarify nonce verification status.
Simplified conditional checks for password and account form submissions by replacing `isset` with `!empty` where applicable. This improves readability and reduces redundancy while maintaining functionality and security. Added comments to clarify nonce verification status.
Added a mechanism to dynamically retrieve and merge updated WordPress function lists into the blacklist to prevent unsafe usage in dropdown options. Addresses a security issue (CVE-2025-47691) by using a JSON-based function source tied to WordPress versioning.
This update fixes issues related to handling empty user statuses, ensuring proper account status checks and admin notice resets. It also updates plugin assets, documentation, and test scripts to reflect the new version (2.10.4). Additional improvements include enhanced error logging for more reliable diagnostics.
Introduce fields for "Ignore User Role Registration Options" and re-add "Email sending by Action Scheduler" under the Site Health settings. This improves the clarity and organization of user options in the admin interface.
Added new settings for registration management and improved Action Scheduler flexibility. Resolved issues with Member Directory styling, filtering, and email placeholders. Updated terminology and documentation; ensure cached assets are refreshed post-update.
Added optional parameter to `reset_url` for user-specific handling. Updated email dispatch logic to include dynamic generation of the password reset link with proper placeholder replacements.
Ensure proper handling of user data in password reset functions by adding checks and updating parameter handling. Introduce a new filter to extend site health information and include a setting for enabling email sending via Action Scheduler. Improve code clarity with updated comments and function annotations.
Enhanced the `compare_versions` method to include a new `$raw` parameter for conditional handling. Improved readability, added additional checks, and updated translator comments to ensure compatibility and clear messaging.
Update country name from "Turkey" to "Türkiye"
Replaced the outdated reference to "Turkey" with "Türkiye" in the Ultimate Member plugin's built-in country list. This aligns with the country's preferred naming convention.
Mykyta Synelnikov