Addressed CVE-2025-13220 by implementing necessary fixes in the plugin's shortcodes and updating sanitization for shortcode attributes. Removed redundant compatibility checks for WordPress versions earlier than 5.4 and improved stability in the shortcode handling logic.
Bumped the Ultimate Member plugin version to 2.11.1 in multiple files, including improved metadata references (README, changelog, blueprint). Ensures consistency across documentation and assets for the updated release.
Enhanced the action hook 'um_after_profile_header_name' by including `$args` and `$user_id` parameters. Updated documentation and examples to reflect these changes, enabling more flexible and detailed customization options for developers.
Bump the required version of the 'groups' dependency from 2.4.2 to 2.5.0. This ensures compatibility with the latest features and fixes provided by the updated version.
Bump the plugin version from 2.10.7 to 2.11.0 in all relevant files, reflecting the latest release. This includes updates to documentation, metadata, changelogs, and file references to maintain consistency.
Changed the PHP version from 'latest' to '8.4' in the code-quality and build-release workflows. This ensures consistency and avoids potential issues with future PHP version updates.
Updated the "Tested up to" WordPress version to 6.9 in the plugin readme file. Adjusted the release date for version 2.10.7 in both readme.txt and changelog.txt to reflect the correct December 2, 2025 date.
Refactor the subnav link class generation to use an array-based approach. This ensures better flexibility and readability while adding the "active" class conditionally when needed.
Switched from PHP 7.4 to 'latest' in the code-quality GitHub Actions workflow to ensure compatibility with the most up-to-date PHP version. This change improves maintainability and aligns the build process with modern PHP standards.
The "squizlabs/php_codesniffer" dependency was removed as it is no longer required. This helps reduce unnecessary package management overhead and ensures the package list remains streamlined.
Updated `composer.json` to adjust development dependencies, including upgrading PHP CodeSniffer and adding `symplify/phpstan-rules`. Modified GitHub Actions workflow to use the latest PHP version for builds, ensuring compatibility and latest features.
Updated the GitHub Actions workflow to use PHP 8.1 instead of the latest version. This ensures better compatibility and stability by avoiding unexpected changes in newer PHP releases.
This change updates the phpDocumentor version from 3.1.* to 3.8.* in composer.json to ensure compatibility with the latest features and fixes. Keeping dependencies up-to-date enhances stability and security.
Introduced a 2nd `$args` parameter to the 'um_cover_area_content' action hook for greater flexibility. Also resolved PHP warnings related to roles without metadata to ensure smoother functionality.
Updated the `um_cover_area_content` hook to pass an additional `$args` parameter for enhanced customization in the user profile cover wrapper. Improved the documentation for clarity and usability.
Resolved conflicts in the image uploader caused by third-party lazy-loading attributes and improved emoji handling with a refined regex. Added an extra condition to license activation checks and updated the `Extensions_Updater` to utilize Action Scheduler for smoother extension upgrades.
Downgraded the 'groups' dependency from 2.5.0 to 2.4.2 to address compatibility issues. This ensures proper functionality with the current plugin setup.
Ensure `get_option` returns an empty array as a fallback to prevent errors when metadata for a role does not exist. This resolves potential issues with undefined or unexpected data during role editing.
Enhanced the handling of wall posts and comments in both Activity and Groups modules. Updated Groups plugin to version 2.5.0, requiring UM Core 2.10.7. Adjusted dependency versions and changelogs to match the latest updates.
Adjusted release dates in changelogs for multiple plugins to reflect updates on November 19, 2025. Added tweaks for integration with Social Activity wall and user mentions in relevant plugins.
Bumps required plugin version dependencies for compatibility. Refactors the `emotize` method by adding a `$stripslashes` parameter to provide optional handling of string slashes, improving flexibility and functionality.
Bump version to 2.6.2, updating dependency requirements for UM core to 2.10.7. Integrated extensions updater and polished compatibility with Action Scheduler. Minor code formatting adjustments for better readability.
This release includes enhancements such as transitioning the `Extensions_Updater` to use the Action Scheduler for smoother extension upgrades. Bug fixes address profile link issues in comments, improve emoji conversion with `emotize`, and correct label typos.
Introduced the `UM_UPDATER_DEBUG` constant to enable debugging for upgrade packages. This facilitates easier troubleshooting and testing during update processes.
Updated the `package_start` method to define separate hooks for 'start' and 'complete' package lifecycle events. This improves code clarity and prepares the updater for handling more specific actions in the future.
Introduced batch processing for extension updates with package start and complete hooks, preventing duplicate actions via transient flags. Added constants for configuration and helper methods to manage package version state effectively. Ensures smoother upgrade handling for Ultimate Member extensions.
Previously, requests on license validation did not adequately handle empty responses or WP errors. This update ensures retries are performed with `sslverify=true` in such cases and enhances debug logging to provide clearer error details for troubleshooting.
Mykyta Synelnikov