Version 2.9.8 of Paid Memberships Pro is out with a handful of bug fixes and enhancements. This version also includes security updates that help to prevent denial of service attacks through malicious REST API queries.

Please update Paid Memberships Pro from the plugins page of your WordPress dashboard. You can also get the latest version of PMPro here or version 2.9.8 specifically here.

Development Changelog for Paid Memberships Pro Release Updates

The full list of updates in 2.9.8 is below:

  • SECURITY: Updated many queries to use $wpdb->prepare and esc_sql for better security. In almost all of these cases, the variables uses in the queries were escaped earlier or otherwise trusted, but it’s good practice to escape in the query anyway to be extra safe and avoid issues when code is updated in the future.
  • BUG FIX/ENHANCEMENT: Fixed some notices in the Authorize.net Gateway class.
  • BUG FIX/ENHANCEMENT: Fixed HTML in the nl_NL email templates.
  • BUG FIX/ENHANCEMENT: Added the !!membership_level_confirmation_message!! replacement variable to admin checkout emails.
  • BUG FIX/ENHANCEMENT: Fixed typo “could” in error message shown when an Add On cannot be installed.
  • ENHANCEMENT: Removed duplicate display_name definition in the PMPro Email class.
  • ENHANCEMENT: Fixed PMPRO_MIN_PHP_VERSION constant name in a few places.
  • ENHANCEMENT: Including the Akismet Integration and MailPoet Integration icons for use on the Memberships > Add Ons page in the WordPress admin.