Aligned release dates in the readme and changelog files for version 2.10.6 to ensure consistency. This eliminates potential confusion regarding the plugin version history.
This release adds multiple enhancements, including WebP support, new filter hooks, license debugging, and improved extension upgrades. It also fixes issues like numeric field filtering, profile link handling, and dependencies with Action Scheduler. Cached assets should be regenerated post-upgrade.
Ensure 'start_of_week' option is validated as numeric to prevent incorrect calculations. This fixes potential issues when non-numeric values are stored in the option.
Introduced the `um_admin_blocks_prefixes_excluded` JS filter hook to allow exclusion of third-party Gutenberg blocks with specific prefixes from UM restriction attributes. This improves compatibility and flexibility when handling external blocks. Updated relevant JS and documentation files to support this feature.
Introduced the `um_get_empty_status_users_query_result` filter to allow customization of the query used for fetching users with empty statuses. This enhances flexibility and enables optimization for different website setups. Updated relevant documentation in the readme file.
Refactored methods to change user profile edit and comment author URL logic, ensuring compatibility with Ultimate Member plugin's structure. Updated readme file to reflect changes and fixed bugs related to profile link display in the comments section.
Introduced new filter hooks for primary button classes in forms and improved URL handling for password resets and account activations. Deprecated several unused functions and replaced them with updated alternatives to streamline the codebase. Updated documentation and templates accordingly.
Bump version across plugin files and update references to reflect the new official release, 2.10.6. This ensures consistency in documentation and downloadable resources.
Added filter hooks for button classes and tweaked Site Health data logic for better 3rd-party integration. Fixed shortcode handling, email placeholder issues, and corrected naming inconsistencies like "North Macedonia."
Document enhancements, bug fixes, and template update for v2.10.5, including new filter hooks, email placeholder fixes, and Action Scheduler updates. Highlight required cache flush and asset regeneration post-update.
Bump plugin version to 2.10.5 and update stable tag in readme. Upgraded Action Scheduler dependency to version 3.9.2 to address library errors. Added filter hooks for primary button classes and improved deactivation logic for better scheduling handling.
Updated the deactivation process to properly un-schedule Action Scheduler actions, ensuring cleaner plugin behavior and preventing potential issues with lingering tasks. This change improves overall maintainability and stability.
Addressed CVE-2025-47691 by updating the dynamic blacklist logic using WordPress functions. Fixed bugs related to Action Scheduler, password reset functionality, and email change settings for user accounts, ensuring better role compatibility. Updated version to 2.10.4.
Simplified conditional checks for password and account form submissions by replacing `isset` with `!empty` where applicable. This improves readability and reduces redundancy while maintaining functionality and security. Added comments to clarify nonce verification status.
Added a mechanism to dynamically retrieve and merge updated WordPress function lists into the blacklist to prevent unsafe usage in dropdown options. Addresses a security issue (CVE-2025-47691) by using a JSON-based function source tied to WordPress versioning.
This update fixes issues related to handling empty user statuses, ensuring proper account status checks and admin notice resets. It also updates plugin assets, documentation, and test scripts to reflect the new version (2.10.4). Additional improvements include enhanced error logging for more reliable diagnostics.
Added new settings for registration management and improved Action Scheduler flexibility. Resolved issues with Member Directory styling, filtering, and email placeholders. Updated terminology and documentation; ensure cached assets are refreshed post-update.
Introduced a setting to bypass "User Role > Registration Options" for auto-approving users created via wp-admin. Also adjusted admin email notifications to prevent alerts for user registrations made through wp-admin.
Bump stable version and update tested WordPress compatibility. Includes Action Scheduler refactor, bug fixes for Member Directory styles and filtering, and a PHP Warning fix. Cached assets should be regenerated after updating.
Bump version references across the plugin files from 2.10.2 to 2.10.3. This includes updates to documentation, changelog placeholders, and blueprint download URLs to ensure consistency and preparation for the new release.
This release addresses a critical security vulnerability (CVE-2025-1702) by improving query handling with `$wpdb->prepare()`. It also introduces new filesystem utility methods (`maybe_init_wp_filesystem`, `remove_dir`) and updates documentation accordingly. Users are strongly advised to update immediately.
This release addresses a security vulnerability (CVE-2025-1702) and includes several bugfixes, such as honeypot script handling and activation link behavior. Users must flush cached assets (JS/CSS) after upgrading to ensure proper functionality. Upgrade immediately for improved security and stability.
Corrected the release date for version 2.10.0 from February 17, 2025, to February 18, 2025, in both the changelog and readme files. No functional changes were made to the plugin.
Bump plugin version to 2.10.0, update documentation, and adjust URLs and metadata accordingly. This release includes increased minimum PHP and WordPress requirements and addresses security-related issues. Users are strongly advised to update immediately.
Raised minimum PHP version to 7.0 and finalized the plugin version to 2.9.3. Introduced a centralized user actions array and replaced 'manage_options' capability with 'edit_users' for better permission handling. Optimized the nonce actions extension method for cleaner code.
* reviewed #1619
Mykyta Synelnikov