From db337f2f1c2728d29b0c91be41e7d34f51623fbc Mon Sep 17 00:00:00 2001 From: Mykyta Synelnikov Date: Wed, 4 Feb 2026 15:23:46 +0200 Subject: [PATCH] Updated readme.txt --- readme.txt | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/readme.txt b/readme.txt index 574efbad..3fb1af4f 100644 --- a/readme.txt +++ b/readme.txt @@ -169,9 +169,19 @@ IMPORTANT: PLEASE UPDATE THE PLUGIN TO AT LEAST VERSION 2.6.7 IMMEDIATELY. VERSI = 2.11.2 2026-02-09 = +**Enhancements** + +* Added: Server side validation when Searching Form is submitted. + **Bugfixes** -* Fixed: Security issue CVE ID: CVE-2025-15064. Deprecated ability to use HTML inside the user description. +* Fixed: Security issue CVE ID: CVE-2025-15064. Deprecated ability to use HTML inside the user description. It's still allowed to use only predefined 'user_description' tags in `wp_kses()`. +* Fixed: Security issue CVE ID: CVE-2026-1404. Changed template items formatting to avoid using HTML symbols in the filter values. + +* Templates required update: + +* members.php +* searchform.php = 2.11.1 2025-12-16 =