diff --git a/.wordpress-org/blueprints/blueprint.json b/.wordpress-org/blueprints/blueprint.json index 9a52be57..0d2c64e4 100644 --- a/.wordpress-org/blueprints/blueprint.json +++ b/.wordpress-org/blueprints/blueprint.json @@ -15,7 +15,7 @@ "step": "installPlugin", "pluginZipFile": { "resource": "url", - "url": "https:\/\/downloads.wordpress.org\/plugin\/ultimate-member.2.10.1.zip" + "url": "https:\/\/downloads.wordpress.org\/plugin\/ultimate-member.2.10.2.zip" }, "options": { "activate": true diff --git a/README.md b/README.md index 50eba8e8..9412b326 100644 --- a/README.md +++ b/README.md @@ -44,7 +44,7 @@ GNU Version 2 or Any Later Version ### IMPORTANT: PLEASE UPDATE THE PLUGIN TO AT LEAST VERSION 2.6.7 IMMEDIATELY. VERSION 2.6.7 PATCHES SECURITY PRIVILEGE ESCALATION VULNERABILITY. PLEASE SEE [THIS ARTICLE](https://docs.ultimatemember.com/article/1866-security-incident-update-and-recommended-actions) FOR MORE INFORMATION -[Official Release Version: 2.10.1](https://github.com/ultimatemember/ultimatemember/releases/tag/2.10.1). +[Official Release Version: 2.10.2](https://github.com/ultimatemember/ultimatemember/releases/tag/2.10.2). ## Changelog diff --git a/changelog.txt b/changelog.txt index 581b13b4..de589987 100644 --- a/changelog.txt +++ b/changelog.txt @@ -1,5 +1,16 @@ == Changelog == += 2.10.2 April 02, 2025 = + +* Enhancements: + + - Added: `UM()->common()-filesystem()::maybe_init_wp_filesystem();` method. + - Added: `UM()->common()-filesystem()::remove_dir();` method. + +* Bugfixes: + + - Fixed: Security issue CVE ID: CVE-2025-1702. Reviewed general search scripts and suggested another solution that uses only `$wpdb->prepare()`. + = 2.10.1 March 03, 2025 = * Bugfixes: diff --git a/readme.txt b/readme.txt index 495a0a0f..ab90339a 100644 --- a/readme.txt +++ b/readme.txt @@ -6,7 +6,7 @@ Tags: community, member, membership, user-profile, user-registration Requires PHP: 7.0 Requires at least: 6.2 Tested up to: 6.7 -Stable tag: 2.10.1 +Stable tag: 2.10.2 License: GPLv3 License URI: http://www.gnu.org/licenses/gpl-3.0.txt @@ -167,6 +167,17 @@ No specific extensions are needed. But we highly recommended keep active these P IMPORTANT: PLEASE UPDATE THE PLUGIN TO AT LEAST VERSION 2.6.7 IMMEDIATELY. VERSION 2.6.7 PATCHES SECURITY PRIVILEGE ESCALATION VULNERABILITY. PLEASE SEE [THIS ARTICLE](https://docs.ultimatemember.com/article/1866-security-incident-update-and-recommended-actions) FOR MORE INFORMATION += 2.10.2 2025-04-02 = + +**Enhancements** + +* Added: `UM()->common()-filesystem()::maybe_init_wp_filesystem();` method. +* Added: `UM()->common()-filesystem()::remove_dir();` method. + +**Bugfixes** + +* Fixed: Security issue CVE ID: CVE-2025-1702. Reviewed general search scripts and suggested another solution that uses only `$wpdb->prepare()`. + = 2.10.1 2025-03-03 = **Bugfixes** @@ -278,6 +289,9 @@ IMPORTANT: PLEASE UPDATE THE PLUGIN TO AT LEAST VERSION 2.6.7 IMMEDIATELY. VERSI == Upgrade Notice == += 2.10.2 = +This version fixes a security related bug. Upgrade immediately. + = 2.10.1 = This version fixes a security related bug. Upgrade immediately.