Version 2.6.5 of Paid Memberships Pro is out with a handful of bug fixes. These bugs have the potential to hinder sales, so be sure to upgrade.
This update also includes a security fix that should be applied to keep your site safe. We don’t believe this vulnerability was being actively exploited, but it is good to fix it anyway. Thanks to Victor Garcia for his responsible disclosure of this issue.

Please update Paid Memberships Pro from the plugins page of your WordPress dashboard. You can also get the latest version of PMPro here or version 2.6.5 specifically here.
The full list of updates is below.
- ENHANCEMENT: Introduced new action
pmpro_before_commit_express_checkout
to allow additional changes after an order has been saved but before sending customer to PayPal Express checkout. - BUG FIX/ENHANCEMENT: Added login compatibility for Jetpack WordPress.com SSO when using the PMPro login page.
- BUG FIX: Fixed PHP notices from status headers when server protocol information is unavailable.
- BUG FIX: Fixed metadata compatibility for membership levels and orders when calling
get_pmpro_membership_level_meta()
andget_pmpro_membership_order_meta()
so they support getting all meta values for all keys. - BUG FIX: Escape all Webhook communication debug output coming from gateways.