Paid Memberships Pro Update 2.6.6

Development Changelog for Paid Memberships Pro Release Updates

Version 2.6.6 of Paid Memberships Pro is out with one security fix and a few other bug fixes.

Thank you to Erwan from WPscan for the responsible disclosure of the cross-site scripting issue.

Please update Paid Memberships Pro from the plugins page of your WordPress dashboard. You can also get the latest version of PMPro here or version 2.6.6 specifically here.

The full list of updates is below.

SECURITY: Updated escaping on the discount codes page in the dashboard to prevent XSS attacks. (Thanks, Erwan from WPScan)
BUG FIX/ENHANCEMENT: Added code to remove duplicate active rows in the pmpro_memberships_users table after level change. This might have happened e.g. if users were purchasing a level via the WooCommerce Add On multiple times.
BUG FIX/ENHANCEMENT: Improved the REST API endpoints to better support Zapier native requirements.
BUG FIX: Fixed PHP notices in the name parser library.

Author: Jason Coleman

Jason is co-founder of Paid Memberships Pro, the 100% open source membership plugin for WordPress. He has been pushing WordPress to its limits for many years and is an advocate for using WordPress as an application framework to build web sites and apps that go above and beyond the typical blog or CMS site.

Was this article helpful?

YesNo

PMPro Update 2.6.6

Build a membership site—for free.