2.10.4
2021-04-29 Security1 Tweak2 Fix2Security
- Resolved Authorized XSS vulnerability - note, you had to be logged in as admin to exploit it
Tweaks
- Removed PHAR files from vendor directory to meet wp.org standards
- Switched to using WP HTTP remote functions to meet wp.org standards
Fixes
- Improved escaping in a few places to improve security
- Corrected is_give_form() post type so it once again works