959bd82cdc
Update Ultimate Member plugin honeypot CSS and JS
...
Removed wp_add_inline_script/style and used `um_request` as default honeypot key in um-styles.css and um-scripts.js.
2025-02-19 12:36:26 +02:00
a0d19b7ab6
Simplify honeypot script and inline style logic.
...
Removed unnecessary condition checks around honeypot script and style injection. Streamlined the code to always enqueue the honeypot logic, improving maintainability and reducing complexity.
2025-02-19 01:03:46 +02:00
14a6b6e887
Update plugin release date in changelog and readme files
...
Corrected the release date for version 2.10.0 from February 17, 2025, to February 18, 2025, in both the changelog and readme files. No functional changes were made to the plugin.
2025-02-18 17:27:17 +02:00
dfabe84f85
Update Ultimate Member to version 2.10.0.
2025-02-13 12:09:05 +02:00
0c183594b1
Update Ultimate Member to version 2.10.0
...
Bump plugin version to 2.10.0, update documentation, and adjust URLs and metadata accordingly. This release includes increased minimum PHP and WordPress requirements and addresses security-related issues. Users are strongly advised to update immediately.
2025-02-13 11:28:28 +02:00
2c01e25b5c
Enhance form preview options and improve code consistency
...
Added separate buttons for 'Live Preview Screen' and 'Live Preview Mobile' in the form builder for better user experience. Updated coding standards for consistency, including proper handling of PHP tags and escaping functions. These changes improve readability, maintainability, and enhance functionality.
Issue #1646
2025-02-12 18:44:46 +02:00
aadad09ea9
Fix spacing for query arguments in action listener.
...
Adjusted spacing for better code readability and consistency in the query arguments within the class-actions-listener.php file. This change ensures the code aligns with coding standards without affecting functionality.
2025-02-12 18:26:37 +02:00
3ada6c71d9
Update PHP requirement and improve user action handling
...
Raised minimum PHP version to 7.0 and finalized the plugin version to 2.9.3. Introduced a centralized user actions array and replaced 'manage_options' capability with 'edit_users' for better permission handling. Optimized the nonce actions extension method for cleaner code.
* reviewed #1619
2025-02-12 18:25:26 +02:00
c3755baa16
Merge pull request #1624 from ultimatemember/fix/um-erase-data
...
The "Erase of your data" layout (CU-86cxneg3d)
2025-02-12 17:58:06 +02:00
b1d6cc646b
Refactor GDPR register template for improved readability.
...
Streamlined PHP logic and variable handling to enhance readability and maintainability. Consolidated duplicated code, ensuring cleaner output for privacy policy content and error management within the Ultimate Member plugin.
2025-02-12 17:55:11 +02:00
5633531153
Merge pull request #1643 from ultimatemember/fix/privacy_policy
...
Fix the "Privacy Policy" field in the registration form (CU-86cxva4f0)
2025-02-12 17:49:56 +02:00
422d2b7c67
Refactor password handling to bypass wp_unslash.
...
Introduce a dedicated method to handle password fields securely, avoiding `wp_unslash` for these fields. This enhances consistency and security when processing form data across the plugin.
2025-02-12 17:47:19 +02:00
cbc8c24b35
Merge pull request #1647 from ultimatemember/fix/password
...
Password set in Dashboard can't be used for UM login or vice versa (CU-86cxwy7ww)
2025-02-12 17:21:27 +02:00
38593400ba
Merge pull request #1644 from ultimatemember/fix/updates-request
...
Fixes updates request
2025-02-12 17:16:56 +02:00
51c4d6f072
Merge pull request #1645 from ultimatemember/security/mysql
...
Fixes CVE-2024-12276
2025-02-12 17:15:23 +02:00
17d95a189b
Task CU-86cxwy7ww
...
- password sanitize has been changed to the standard WordPress one.
2025-02-04 23:23:26 +02:00
4adbe19cbe
* fixed CVE-2024-12276;
...
* reviewed using $wpdb and WPCS;
* set minimum required version to 6.2 due to using %i for $wpdb->prepare;
2025-02-03 16:17:37 +02:00
a760a6242e
* updated requests to site URL;
...
* WPCS;
2025-01-31 15:19:28 +02:00
0221b40b57
Task CU-86cxva4f0
...
- fixed the "Privacy Policy" field in the registration form - stripped out forms and other disallowed HTML from the "Privacy Policy" content.
2025-01-30 23:21:29 +02:00
26c8aa21e1
Merge pull request #1642 from ultimatemember/fix/honeypot_script_style
...
Fixes honeypot script&style
2025-01-30 13:04:30 +02:00
865fbf83c2
* added honeypot scripts/styles via
...
`wp_add_inline_script()`, `wp_add_inline_style()`
2025-01-30 13:00:17 +02:00
4d43d94502
* related to https://github.com/ultimatemember/ultimatemember/commit/8ca44d02a02e887fc4ab9bcb8ea9ff18ab2c0413
2025-01-30 12:33:49 +02:00
236293645a
Merge pull request #1641 from ultimatemember/fix/cover_profile_photo_on_view
...
Cover and Profile photo uploaders (CU-86cxtae21) alternativity
2025-01-29 16:48:50 +02:00
bb0a49e08a
* update dropdown items texts on cover photo change/remove;
...
* WPCS;
2025-01-29 16:44:29 +02:00
fce490f54b
* update dropdown items texts on cover photo change/remove;
...
* WPCS;
2025-01-29 16:43:05 +02:00
4dd1be344e
* backward compatibility;
...
* update dropdown items texts on profile photo change/remove;
* added escapers;
* WPCS;
2025-01-29 16:01:02 +02:00
0520a55cc4
* removed hidden inputs on view mode;
...
* handle data attribute instead of the hidden input;
* WPCS;
2025-01-29 14:49:47 +02:00
e9e68e28cf
* added data attribute;
...
* updated hooks docs;
* WPCS;
2025-01-29 14:24:15 +02:00
817bc4b2e3
* fixed #1636
2025-01-24 18:32:11 +02:00
0e2cd16f73
Merge pull request #1634 from ultimatemember/fix/og_image_size
...
Open Graph Image Size (CU-86cxq9tuk)
2025-01-24 18:20:41 +02:00
5fc2cd54a4
* Reviewed #1634
2025-01-24 18:19:14 +02:00
5952c06c59
Task CU-86cxq9tuk
...
- changed Open Graph image size.
2025-01-19 14:58:59 +02:00
8bf8a0130b
fixed "Download your data" and "Erase of your data" fields layout.
2025-01-17 16:03:51 +02:00
b0b9f82ebe
* fixed order_count meta table update
2025-01-15 12:02:08 +02:00
0624a634d2
* fixed money_spent meta table update
2025-01-14 17:36:20 +02:00
6aab8152f8
* bump version;
2025-01-14 17:21:26 +02:00
980de8a800
Merge branch 'master' into development/2.9.x
2025-01-14 15:40:11 +02:00
5cb6ae6dc5
* prepared to the release
2025-01-14 15:39:01 +02:00
5b2c785def
* prepared to the release
2025-01-14 15:28:28 +02:00
f7b3585b1a
* prepared to the release
2025-01-14 15:24:45 +02:00
27aeef42af
* prepared to the release
2025-01-14 15:24:03 +02:00
dc81fa44ae
Merge pull request #1607 from ultimatemember/fix/remove_mobile_detect
...
Deprecates mobile detect library
2025-01-14 12:02:23 +02:00
fa0cfa84c2
Merge pull request #1616 from ultimatemember/fix/md_security
...
Fixes security vulnerabilities
2025-01-14 11:55:43 +02:00
5ebefde6b8
* fixed security issue CVE ID: CVE-2025-0308
2025-01-10 02:17:18 +02:00
e5fe05503a
* fixed security issue CVE ID: CVE-2025-0308
...
* fixed security issue CVE ID: CVE-2025-0318
2025-01-08 12:20:35 +02:00
5cefd5ba3a
Merge pull request #1609 from ultimatemember/fix/cropper-scalable
...
Maybe cropper.js fix
2025-01-02 14:10:04 +02:00
3c88512bc2
Merge pull request #1608 from ultimatemember/fix/show-hide-pw-ms-browser
...
Fixes show/hide password buttion in Edge browser
2024-12-20 01:03:20 +02:00
a0892e18aa
* enhancements related to #1599 ;
2024-12-19 17:24:52 +02:00
9d45a9f088
* fixed scalable attribute for cropper;
2024-12-19 13:25:29 +02:00
44bfcdeb38
* removed ms-native show password button for type="password" field in UM forms;
2024-12-19 13:00:20 +02:00
Mykyta Synelnikov