Ultimate Member Core Plugin v2.10.1

Decryption key:

To view the content, you need to Sign In or Register.

Download Ultimate Member Core Plugin v2.10.1 Nulled Free
= v2.10.1 March 03, 2025 =
* Bugfixes:
- Fixed: Security issue CVE ID: CVE-2025-1702.
- Fixed: Activation link redirects to Reset Password after registration without password field and required email activation.
- Fixed: Honeypot scripts/styles for themes without pre-rendered shortcodes. Enqueue honeypot scripts/styles everytime.
- Fixed: Profile photo metadata when Gravatar image is used.
* Cached and optimized/minified assets(JS/CSS) must be flushed/re-generated after upgrade *

Decryption key:

To view the content, you need to Sign In or Register.

Download Ultimate Member Core Plugin v2.10.0 Nulled Free
= v2.10.0 February 18, 2025 =
* Enhancements:

- Added: User Profile `form-id` attribute and updated code for Profile/Cover photos actions dropdowns.
- Added: Honeypot scripts/styles via `wp_add_inline_script()`, `wp_add_inline_style()` changed from direct adding in header and footer.
- Updated: We've made improvements to requests for extension updates to boost stability.
- Updated: PHP requirement - the minimum PHP version is now upgraded to 7.0.
- Updated: Using $wpdb and WPCS for queries. Set minimum required version to 6.2 due to using %i for `$wpdb->prepare()`.
- Updated: Revised wp-admin user actions handling. Now, the required capability is `edit_users` instead of `manage_options`.
- Removed: User Profile hidden inputs on view mode.
- Tweak: WPCS enhancements.

* Bugfixes:

- Fixed: Security issue CVE ID: CVE-2024-12276.
- Fixed: Custom usermeta table metakeys for filtering in member directory (from `_money_spent` to `wc_money_spent_` and added `wc_order_count_`).
- Fixed: Layout for "Download your data" and "Erase of your data" fields.
- Fixed: Image sizes used for Open Graph meta in User Profile headers are now corrected.
- Fixed: "Delete account text" settings visibility issue in wp-admin.
- Fixed: The "Privacy Policy" field in the registration form. Disallowed HTML from the "Privacy Policy" content (like `<form>`) is filtered out by the `wp_kses()` function.
- Fixed: Password fields are now sanitized the WordPress native way, with `wp_unslash()` omitted post-submission.

* Templates required update:

- gdpr-register.php
- profile.php

* Cached and optimized/minified assets(JS/CSS) must be flushed/re-generated after upgrade *

Decryption key:

To view the content, you need to Sign In or Register.

Download Ultimate Member Core Plugin v2.9.2 Nulled Free
= v2.9.2 January 14, 2025 =
* Enhancements:
- Added: Compatibility with the new [Ultimate Member - Zapier](https://ultimatemember.com/extensions/zapier/) extension
- Added: Only approved user Reset Password setting defined as true by default
- Added: `UM()->is_new_ui()` function for future enhancements related to new UI
- Added: Filter hook `um_before_user_submitted_registration_data`
- Tweak: Changed hook's priority for initialization of email templates paths
- Tweak: Removed `load_plugin_textdomain` due to (article)[https://make.wordpress.org/core/202...-support-for-only-using-PHP-translation-files]

* Bugfixes:
- Fixed: Security issue CVE ID: CVE-2025-0308
- Fixed: Security issue CVE ID: CVE-2025-0318
- Fixed: Using placeholders in email templates when Action Scheduler is active. Using `fetch_user_id` attribute for fetching necessary user before sending email
- Fixed: PHP 8.4 compatibility. Using WordPress native `wp_is_mobile()` instead of MobileDetect library
- Fixed: PHP errors related to `UM()->localize()` function
- Fixed: PHP errors in user meta header when `last_update` meta is empty
- Fixed: Small CSS changes and avoid duplicates
- Fixed: Removed ms-native show password button for type="password" field in UM forms
- Fixed: Define scalable attribute for cropper

* Deprecated:
- Fully deprecated `UM()->mobile()` function
- Fully deprecated `UM()->localize()` function
- Fully deprecated `um_language_textdomain` filter hook

* Templates required update:
- account.php

* Cached and optimized/minified assets(JS/CSS) must be flushed/re-generated after upgrade

Decryption key:

To view the content, you need to Sign In or Register.

* Enhancements:
- Added: `um_image_upload_validation` hook for 3rd-party validation during upload images

* Bugfixes:
- Fixed: "Load textdomain just in time" issue
- Fixed: Capabilities checking in the wp-admin > Users list table
- Fixed: File/image upload on the role specific profile form
- Fixed: Issues when the form's custom fields meta has a wrong format
- Fixed: Validation of the "Registration Default Role" slug
- Fixed: Allowed query variables via registered REST API class only when REST_REQUEST is defined

Decryption key:

To view the content, you need to Sign In or Register.

* Enhancements:
- Added: Action Scheduler (version 3.8.1) for email sending. More info is [here](https://actionscheduler.org/)
- Added: Supporting new `wp_register_block_metadata_collection()` function for registering WP Blocks

* Bugfixes:
- Fixed: `ajax_image_upload()` and `ajax_resize_image()` handlers vulnerability. CVE ID: CVE-2024-10528
- Fixed: Disabling user status column wp-admin > Users screen
- Fixed: User status filter on wp-admin > Users on mobile devices
- Fixed: Extra unwrapping of the WP Editor field's value

* Cached and optimized/minified assets(JS/CSS) must be flushed/re-generated after upgrade

Decryption key:

To view the content, you need to Sign In or Register.

• Fixed: Download routing initialization
• Fixed: Textarea height and HTML formatted textarea field height isolated via <iframe> on view mode
• Fixed: User registration if email activation or admin review are required
• Fixed: First installation errors

Cached and optimized/minified assets(JS/CSS) must be flushed/re-generated after upgrade

Decryption key:

To view the content, you need to Sign In or Register.

• Added: Member Directory > Admin Filtering supports datepicker and timepicker filter-types with only “From” or “To” filled value
• Added: Ability to customize modal templates upload-single.php and view-photo.php
• Added: New FontAwesome library. Version 6.5.2

Decryption key:

To view the content, you need to Sign In or Register.

​

​

2.8.4 2024-03-06​

Enhancements

• Tweak: Added separate file for full changelog. readme.txt shows only a few latest versions

Bugfixes

• Fixed: Member directory data sanitizing (CVE-2024-2123)
• Fixed: Activation link time changed from seconds to days
• Fixed: Password validation error
• Fixed: Password reset url for the approved user who didn’t set their password after registration without password
• Fixed: Conflict with WebP Uploads

Decryption key:​

To view the content, you need to Sign In or Register.

​

2.8.3: February 19, 2024​

• Enhancements:
  • Added: Link to the Ultimate Member docs
  • Tweak: Ultimate Member > Settings redesign. More details about setting up. Tooltips changed to descriptions.
• Bugfixes:
  • Fixed: Member directory queries to custom usermeta table properly escaped and validated
  • Fixed: Member directory custom sorting when wp_usermeta table is used
  • Fixed: aria-invalid attribute for the user description field
  • Fixed: wp_kses protocols for email notifications content
  • Fixed: PHP notice while registration form validation
  • Fixed: Field validations (English letters, Alpha-numeric types)
  • Fixed: Hidden buttons in the modal when uploading profile and cover photo
  • Fixed: Theme updater log message
  • Fixed: Search line shortcode layout
  • Fixed: PHP notice while login form submission
  • Fixed: Email notifications HTML layout
  • Fixed: Default email notification body color
  • Fixed: Ignore username slug when custom meta slug exists when parse user from query
• Templates required update:

Download Ultimate Member Core Plugin v2.5.4 Nulled Free
= v2.5.4: February 17, 2023 =
* Enhancements:
- Added: TikTok, Twitch and Reddit fields
- Added: Handler of restriction settings for blog page
- Added: Support of the `<iframes>` inside textarea with enabled the "HTML using" option
- Added: 'um_get_field_date' hook for filtering date fields
- Added: `UM()->get_allowed_html()` function for using it inside wp_kses allowed HTML tags

* Bugfixes:
- Fixed: Redirect to some links when content is restricted. Using `esc_url_raw()` instead of `esc_url()` for redirect to URLs inside class-access.php
- Fixed: Handle restriction settings for attachments, later hook is used for checking capabilities through `current_user_can()`
- Fixed: Honeypot triggering in password reset, when not set
- Fixed: Small PHP notices and warnings