diff --git a/includes/admin/class-admin.php b/includes/admin/class-admin.php
index c34d913c..2f6f12d3 100644
--- a/includes/admin/class-admin.php
+++ b/includes/admin/class-admin.php
@@ -1760,6 +1760,8 @@ if ( ! class_exists( 'um\admin\Admin' ) ) {
delete_transient( "um_count_users_{$status}" );
}
+ delete_transient( 'um_count_users_all' );
+
do_action( 'um_flush_user_status_cache' );
$url = add_query_arg(
diff --git a/includes/admin/templates/dashboard/users.php b/includes/admin/templates/dashboard/users.php
index 5be7fde9..e1bb55a1 100644
--- a/includes/admin/templates/dashboard/users.php
+++ b/includes/admin/templates/dashboard/users.php
@@ -3,70 +3,70 @@ if ( ! defined( 'ABSPATH' ) ) {
exit;
}
?>
-
|
- query()->count_users(); ?>
+ query()->count_users() ); ?>
-
+
|
-
- query()->count_users_by_status( 'awaiting_admin_review' ); ?>
-
-
-
-
+
+ query()->count_users_by_status( 'awaiting_admin_review' ) ); ?>
+
+
+
+
|
|
-
- query()->count_users_by_status( 'approved' ); ?>
-
-
-
-
+
+ query()->count_users_by_status( 'approved' ) ); ?>
+
+
+
+
|
-
- query()->count_users_by_status( 'awaiting_email_confirmation' ); ?>
-
-
-
-
+
+ query()->count_users_by_status( 'awaiting_email_confirmation' ) ); ?>
+
+
+
+
|
|
-
- query()->count_users_by_status( 'rejected' ); ?>
-
-
-
-
+
+ query()->count_users_by_status( 'rejected' ) ); ?>
+
+
+
+
+
|
-
- query()->count_users_by_status( 'inactive' ); ?>
-
-
-
-
+
+ query()->count_users_by_status( 'inactive' ) ); ?>
+
+
+
+
|
diff --git a/includes/ajax/class-secure.php b/includes/ajax/class-secure.php
index f69fc682..898ab5de 100644
--- a/includes/ajax/class-secure.php
+++ b/includes/ajax/class-secure.php
@@ -287,7 +287,7 @@ class Secure {
$content .= ' ' . esc_html__( 'Click here to lock them now.', 'ultimate-member' ) . '';
$content .= ' ' . esc_html__( 'You can unblock the Register forms later. Just go to Ultimate Member > Settings > Advanced > Security and uncheck the option "Lock All Register Forms".', 'ultimate-member' );
$content .= $br . $br;
- $suspicious_accounts_url = admin_url( 'users.php?um_status=inactive' );
+ $suspicious_accounts_url = admin_url( 'users.php?um_user_status=inactive' );
if ( $might_affected_users->get_total() > 0 ) {
$od = gmdate( 'F d, Y', $oldest_date );
diff --git a/includes/core/class-query.php b/includes/core/class-query.php
index 0885cc6c..ba8b7cc7 100644
--- a/includes/core/class-query.php
+++ b/includes/core/class-query.php
@@ -307,17 +307,24 @@ if ( ! class_exists( 'um\core\Query' ) ) {
return $users_count;
}
-
/**
* Count all users
*
- * @return mixed
+ * @param bool $force Avoid transient. Default false.
+ *
+ * @return int
*/
- function count_users() {
- $result = count_users();
- return $result['total_users'];
- }
+ public function count_users( $force = false ) {
+ $users_count = get_transient( 'um_count_users_all' );
+ if ( $force || false === $users_count ) {
+ $result = count_users();
+ $users_count = $result['total_users'];
+ set_transient( 'um_count_users_all', $users_count, HOUR_IN_SECONDS );
+ }
+
+ return $users_count;
+ }
/**
* Using wpdb instead of update_post_meta
diff --git a/readme.txt b/readme.txt
index dce9b041..e0136f4c 100644
--- a/readme.txt
+++ b/readme.txt
@@ -5,8 +5,8 @@ Contributors: ultimatemember, champsupertramp, nsinelnikov
Tags: community, member, membership, user-profile, user-registration
Requires PHP: 5.6
Requires at least: 5.5
-Tested up to: 6.5
-Stable tag: 2.8.6
+Tested up to: 6.6
+Stable tag: 2.8.7
License: GPLv3
License URI: http://www.gnu.org/licenses/gpl-3.0.txt
@@ -166,9 +166,29 @@ No specific extensions are needed. But we highly recommended keep active these P
IMPORTANT: PLEASE UPDATE THE PLUGIN TO AT LEAST VERSION 2.6.7 IMMEDIATELY. VERSION 2.6.7 PATCHES SECURITY PRIVILEGE ESCALATION VULNERABILITY. PLEASE SEE [THIS ARTICLE](https://docs.ultimatemember.com/article/1866-security-incident-update-and-recommended-actions) FOR MORE INFORMATION
-= 2.8.7 2024-06-xx =
+= 2.8.7 2024-09-26 =
+**Enhancements**
+* Added: Single user actions on WP Users list table
+* Updated: User status filter on WP Users list table
+* Updated: User bulk actions on WP Users list table
+* Updated: User actions on User Profile and Member Directory card
+
+**Bugfixes**
+
+* Fixed: CVE-2024-8520
+* Fixed: CVE-2024-8519
+* Fixed: Performance issue related to Settings > Secure tab
+* Fixed: The "Clear All" button in the member directory did not reset all dependent dropdowns
+
+**Templates required update**
+
+* login-to-view.php
+
+**Cached and optimized/minified assets(JS/CSS) must be flushed/re-generated after upgrade**
+
+**Deprecated**
= 2.8.6 2024-05-22 =
@@ -368,6 +388,9 @@ IMPORTANT: PLEASE UPDATE THE PLUGIN TO AT LEAST VERSION 2.6.7 IMMEDIATELY. VERSI
== Upgrade Notice ==
+= 2.8.7 =
+This version fixes a security related bug. Upgrade immediately.
+
= 2.8.5 =
This version fixes a security related bug. Upgrade immediately.