SecuPress Pro - Premium WordPress Security Plugin v2.3.14

2.3.14 — 20 May 2025​

• Fix: #[\SensitiveParameter] can’t be inline…
• Fix: Warning false instead of array
• Fix: Add SECRET_KEY and SECRET_SALT
• Improvement: Remove usage of GMP, introduce secupress_next_prime()

2.3.12 — 19 May 2025​

• Fix: Hook priority change to get the correct values in session control
• Fix: “PasswordLess” module could not be selected* Fix: “Prevent User Creation” may lead to the impossibility to log in again.
• Fix Multisite: “Actions on Plugins” could lead to empty list.
• Fix: “Bad URL Access” code for nginx was wrong. (thanks to Christophe from wanaged.com)
• Improvement: “Bad URL Access” module have been revamp again to let users decide is they prefer to use the simple legacy code or the new one.
• Improvement: Better wording and usage for “Bad Usernames” module. The scanner will scan nickname/display names same as login only if option is activated.
• Improvement: The DB Error file will not spam you emails anymore.

Decryption key:

To view the content, you need to Sign In or Register.

• 03 April 2024
• Fix v2.2.5.2 Blackhole nonce bloking some front requests
• Update Malware Database

Decryption key:

To view the content, you need to Sign In or Register.

• 03 April 2024
• Fix v2.2.5.2 Blackhole nonce bloking some front requests
• Update Malware Database

To view the content, you need to Sign In or Register.

DL link fixed.

== Changelog ==

2.2.5.1 - Updated 21 Dec 2023

* Security Fix: TOCTOU in Limit Login Attempts (Thanks to Konan Nagashima)
* Improvement#963: Add context for secupress_die()
* Improvement: Add DE translations (Thanks to Klaus Bei)
* Improvement: Status "bad" into "warning" on bad plugins scanner results in free version
* Fix#1036: Remove REST API calls made using query parameters (Thanks to JB Audras) + usage of rawurldecode() (Thanks to Aether Black)
* Fix#1035: Malware scan file too big
* Fix#1034: Matomo was blocked
* Fix#1033: Bad referer default list, "cialis"
* Fix#1032: Uncaught TypeError: Cannot read properties of null (reading 'querySelectorAll')
* Fix#1030: Plugins&Themes settings on MS does not save correctly
* Fix#1021: PHP Deprecated: filter_var() null in parameter 3
* Fix#1015: Better output secupress_pro_sessions_control_users_column_content()
* Fix#1010: Uncaught TypeError: strpos(): Argument 1 must be of type string, array given
* Fix#1001: Move secupress_format_message()
* Fix#962: Ranged IPs can prevent ip detection to block
* Update Malware Database
* Update global i18n

Download SecuPress Pro v2.2.3 - Premium WordPress Security Plugin Nulled Free
= v2.2.3 = 14 September 2022 Big Thanks To @TassieNZ
* Update: Malware Database v22.9.14
* Security Fix#985: IP Spoofing, thanks to Calvin Alkan on https://snicco.io/
* Fix#987: new passwordless UI didn't need to validate the captcha to get the magic link
* Fix#986: unban link for admins does not always work
* Fix#984: fix "two factor authentication" plugin detection
* Fix#981: Move Login could be activated without pretty permalinks
* Fix#980: key regeneration button is hidden by the helpers style
* Fix#962: Ranged IPs can prevent ip detection to be blocked
* Fix global i18n

Download SecuPress Pro v2.2.2 - Premium WordPress Security Plugin Nulled Free
= v2.2.2 = 08 August 2022
* Update: Malware Database v22.8.2
* New#961: New UI/UX for PasswordLess Module!
* Fix#976: WPML was adding a suffix to the PHP constant WP_HOME
* Fix#975: Salt key mu plugin in double + auto login
* Fix#974: Error message: Uncaught TypeError: explode(): Argument #2 ($string) must be of type string, array given in /pro/modules/firewall/plugins/bad-referer.php:13
* Fix#972: Salt keys scanner too loose
* Fix#971: Undefined array key "registration" in /free/modules/users-login/plugins/move-login.php on line 205
* Fix#969: Remove user enumeration made using query parameters on REST API calls
* Fix#965: NULL Coalescing Operator in pro/modules/firewall/tools.php on line 182
* Fix#917: Uncaught Error: Call to undefined function secupress_status()
* Fix global i18n

Download SecuPress Pro v2.2.1 - Premium WordPress Security Plugin Nulled Free
= v2.2.1 = 03 August 2022
* Update: Malware Database v22.8.2
* New#961: New UI/UX for PasswordLess Module!
* Fix#976: WPML was adding a suffix to the PHP constant WP_HOME
* Fix#975: Salt key mu plugin in double + auto login
* Fix#974: Error message: Uncaught TypeError: explode(): Argument #2 ($string) must be of type string, array given in /pro/modules/firewall/plugins/bad-referer.php:13
* Fix#972: Salt keys scanner too loose
* Fix#971: Undefined array key "registration" in /free/modules/users-login/plugins/move-login.php on line 205
* Fix#965: NULL Coalescing Operator in pro/modules/firewall/tools.php on line 182
* Fix global i18n

Download SecuPress Pro v2.2 - Premium WordPress Security Plugin Nulled Free
v2.2- 03 January 2022
* New#930: Scan for @include as a malware in wp-config.php only (known for that)
* New#932: Add support for .php[12345678] .phtml files in malware scanner
* New#937: New option to force FTP creds when adding a theme or plugin, see "Disable .zip uploads" in "Plugins & Themes" module page
* Improvement#455: Add filters to all our email subject and messages. Search for "secupress.mail."
* Improvement#954: Better filetree for both free and pro version. No more /core, /inc, no more 2 uninstall files, no more weird file inclusions.
* Improvement#885: remove FaceBook share button
* Improvement#931: Do not log 404 that are redirected by SEO plugins
* Improvement#935: Support MemberPress to prevent login out of passwordless when activated
* Improvement#958: Update zxcvbnphp lib
* Fix#889: files from core still show themes as diff files
* Fix#944: PHP Notice: Undefined variable: ip in/core/functions/ip.php on line 59
* Fix#945: Uncaught Error: Object of class stdClass could not be converted to string in /core/modules/plugins-themes/tools.php:174
* Fix#946: PHP Fatal error: Uncaught Error: Call to a member function views() on null in /core/classes/common/class-secupress-logs-list.php:165
* Fix#947: set_time_limit() is forbidden on infomaniak, leads to fatal error in PHP8+
* Fix#948: Whitelabel is not displaying a plugin author url in settings
* Fix#949: missing subfolder in secupress_bad_file_extensions_get_regex_pattern
* Fix#950: i18n files showing up in core file differences
* Fix#951: "toggle all" checkbox in "file core diff" does not work
* Fix#950: i18n files showing up in core file differences
* Fix#955: PHP Fatal error: Uncaught TypeError: count(): Argument #1 ($value) must be of type Countable|array, null given in /core/admin/multisite/settings.php:96
* Fix#957: Move Login can still disclose the login page when registration is disabled.