2.5.6

= 2.5.6 - 2022/09/20 =

• This maintenance release has a security vulnerability patch, please run this update.
• Security - This release has a patch for a security vulnerability identified by @darius_fx from Patchstack

2.5.5

= 2.5.5 - 2022/05/24 =

• This maintenance release is for compatibility with WordPress major version 6.0 plus a bug fix.
• Tweak - Test for compatibility with WordPress 6.0
• Fix - Alignment settings for page view count block not working on frontend

2.5.4

= 2.5.4 - 2022/04/18 =

• This maintenance release has 2 fixes for plugins that filter custom content without post or page.
• Fix - Return custom content for 3rd plugin that use apply_filters 'the_content' instead of the post, page or post type.
• Fix - Return custom content for 3rd plugin that use apply_filters 'the_excerpt' instead of the post, page or post type.

2.5.3

• This security release follows a full security audit with code refactoring, security hardening including additional escaping and sanitizing.
• Security - Define new esc_attribute_name_e function to escape attribute name late for echo
• Security - Define new esc_description_e function to escape description late for echo
• Security - Escape all $-variable
• Security - Sanitize all $_REQUEST, $_GET, $_POST
• Security - Apply wp_unslash before sanitize

2.5.2

• This maintenance release contains more code security hardening updates – please run it now.
• Security - Define new esc_attribute_array_e function to escape attribute array late for echo
• Security - Escape $default_color late for echo
• Security - Put $-variable additional with html include into wp_kses_post
• Security - Turn off display_errors to prevent malformed JSON from API for when WP_DEBUG is set to off OR WP_DEBUG_DISPLAY is set to off
• Framework - Allow filters output of CSS are generated from plugin framework
• Framework - Upgrade Plugin Framework to version 2.6.0

2.5.1

= 2.5.1 - 2022/02/25 =

• This maintenance release contains security hardening updates - please run it now.
• Security - Apply wp_kses_post for $-variables that include html before output
• Security - Validate $is_open variable
• Security - Move check nonce and capabilities from before to inside functions

2.5.0

= 2.5.0 - 2022/02/23 =

• This update has 4 code tweaks that harden the plugins security and improve performance - please run this update as soon as you see it.
• Tweak - Nonce check for when settings form is submitted from plugin framework
• Tweak - Capabilities manage_options check for when settings form is submitted from plugin framework
• Tweak - Call update_google_map_api_key when settings form is submitted instead of instance of Admin_UI
• Tweak - Call update_google_font_api_key when settings form is submitted instead of instance of Fonts_Face

2.4.14

= 2.4.14 - 2022/01/21 =

• This is a maintenance release for compatibility with WordPress major version 5.9
• Tweak - Test for compatibility with WordPress 5.9
• Tweak - Test for compatibility with latest version of Gutenberg from WordPress 5.9
• Framework - Update a3rev Plugin Framework to version 2.5.0

2.4.13

= 2.4.13 - 2021/11/16 =

• This maintenance release has a bug fix for compatibility with Gutenberg 10.8 and PHP 8.x
• Tweak - Test for compatibility with PHP 8.x
• Tweak - Test for compatibility with Gutenberg 10.8
• Fix - Change block_categories to block_categories_all for work on Gutenberg 10.8

2.4.12

= 2.4.12 - 2021/07/19 =

• This maintenance release has code tweaks for WordPress 5.8 compatibility plus more Security hardening
• Tweak - Test for compatibility with WordPress 5.8
• Security - Get variable via name instead of use extract