2.6.2

= 2.6.2 - 2023/01/30 =

• This maintenance release adds compatibility with plugins that set user roles, ie membership plugins.
• Tweak - Validate $post->ID is not empty for compatibility with User Role plugins

2.6.1

= 2.6.1 - 2023/01/07 =

• Please run this update now to apply a security vulnerability patch
• Security - Page View Block security hardening.

2.6.0

= 2.6.0 - 2023/01/03 =

• This feature release removes the fontawesome lib and replaces icons with SVGs plus adds Default Topography option to font controls.
• Feature - Convert icon from font awesome to SVG
• Feature - Update styling for new SVG icons
• Plugin Framework - Update typography control from plugin framework to add support for Default value
• Plugin Framework - Default value will get fonts set in the theme.
• Plugin Framework - Change generate typography style for change on typography control
• Plugin Framework - Remove fontawesome lib

2.5.6

= 2.5.6 - 2022/09/20 =

• This maintenance release has a security vulnerability patch, please run this update.
• Security - This release has a patch for a security vulnerability identified by @darius_fx from Patchstack

2.5.5

= 2.5.5 - 2022/05/24 =

• This maintenance release is for compatibility with WordPress major version 6.0 plus a bug fix.
• Tweak - Test for compatibility with WordPress 6.0
• Fix - Alignment settings for page view count block not working on frontend

2.5.4

= 2.5.4 - 2022/04/18 =

• This maintenance release has 2 fixes for plugins that filter custom content without post or page.
• Fix - Return custom content for 3rd plugin that use apply_filters 'the_content' instead of the post, page or post type.
• Fix - Return custom content for 3rd plugin that use apply_filters 'the_excerpt' instead of the post, page or post type.

2.5.3

• This security release follows a full security audit with code refactoring, security hardening including additional escaping and sanitizing.
• Security - Define new esc_attribute_name_e function to escape attribute name late for echo
• Security - Define new esc_description_e function to escape description late for echo
• Security - Escape all $-variable
• Security - Sanitize all $_REQUEST, $_GET, $_POST
• Security - Apply wp_unslash before sanitize

2.5.2

• This maintenance release contains more code security hardening updates – please run it now.
• Security - Define new esc_attribute_array_e function to escape attribute array late for echo
• Security - Escape $default_color late for echo
• Security - Put $-variable additional with html include into wp_kses_post
• Security - Turn off display_errors to prevent malformed JSON from API for when WP_DEBUG is set to off OR WP_DEBUG_DISPLAY is set to off
• Framework - Allow filters output of CSS are generated from plugin framework
• Framework - Upgrade Plugin Framework to version 2.6.0

2.5.1

= 2.5.1 - 2022/02/25 =

• This maintenance release contains security hardening updates - please run it now.
• Security - Apply wp_kses_post for $-variables that include html before output
• Security - Validate $is_open variable
• Security - Move check nonce and capabilities from before to inside functions

2.5.0

= 2.5.0 - 2022/02/23 =

• This update has 4 code tweaks that harden the plugins security and improve performance - please run this update as soon as you see it.
• Tweak - Nonce check for when settings form is submitted from plugin framework
• Tweak - Capabilities manage_options check for when settings form is submitted from plugin framework
• Tweak - Call update_google_map_api_key when settings form is submitted instead of instance of Admin_UI
• Tweak - Call update_google_font_api_key when settings form is submitted instead of instance of Fonts_Face