HEX
Server: Apache
System: Linux vps-3158868-x.dattaweb.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User: emerlux (1185)
PHP: 8.3.1
Disabled: system, shell, exec, system_exec, shell_exec, mysql_pconnect, passthru, popen, proc_open, proc_close, proc_nice, proc_terminate, proc_get_status, escapeshellarg, escapeshellcmd, eval
$ pwd: /home/emerlux/public_html/wp-content/plugins/wpvulnerability/
Upload Files
File: /home/emerlux/public_html/wp-content/plugins/wpvulnerability/changelog.txt
== Changelog ==

= [4.1.1] - 2025-09-22 =

**Fixed**

* Fix an error with the version_compare() (thx to @konnektiv)

**Compatibility**

* WordPress: 4.7 - 6.9
* PHP: 5.6 - 8.4
* WP-CLI: 2.3.0 - 2.11.0

**Tests**

* PHP Coding Standards: 3.13.4
* WordPress Coding Standards: 3.2.0
* Plugin Check (PCP): 1.6.0
* SonarCloud Code Review
* Amplify Code Check

= [4.1.0] - 2025-09-16 =

**Added**

* "Never" send notifications.
* Choose notification day and time.
* Configurable cache expiration (1, 6, 12 or 24 hours).
* WP-CLI command to configure cache expiration.
* Constants to set hiding components.
* WP-CLI command to manage hidden components.
* WP-CLI command to configure notification email and period.
* Add notifications for Slack and Teams.
* Disable mail notifications from mails.
* WordPress Playground blueprint (in test).

**Changed**

* Cache is always the same eveywhere.
* Options for notifications.
* Schedule fields only appear for selected periods.
* Placeholder and conditional display for Slack and Teams notification fields.
* Added links to documentation.

**Fixed**

* When a plugin is updated, hide the vulnerabilities.
* Display of schedule fields based on period.
* Conditional display for email, Slack, and Teams notification fields.
* When save, there where two saving messages.
* wp_get_update_php_url() for WordPress 5.1.0+ (fallback)
* wp_timezone() for WordPress 5.1.0+ (fallback)
* wp_doing_cron() for WordPress 4.8.0+ (fallback)
* Application Passwords / REST API after WordPress 5.6.0

**Compatibility**

* WordPress: 4.7 - 6.9
* PHP: 5.6 - 8.4
* WP-CLI: 2.3.0 - 2.11.0

**Tests**

* PHP Coding Standards: 3.13.4
* WordPress Coding Standards: 3.2.0
* Plugin Check (PCP): 1.6.0
* SonarCloud Code Review
* Amplify Code Check

= [4.0.4] - 2025-04-07 =

**Added**

* Extra sanitizations.

**Changed**

* Translation improvements.

**Fixed**

* Plugin and translation load.

**Compatibility**

* WordPress: 4.1 - 6.8
* PHP: 5.6 - 8.4
* WP-CLI: 2.3.0 - 2.11.0

**Tests**

* PHP Coding Standards: 3.12.1
* WordPress Coding Standards: 3.1.0
* Plugin Check (PCP): 1.4.0
* SonarCloud Code Review

= [4.0.3] - 2024-10-28 =

* Recreation of the 4.0.2 version. Something did not created the 4.0.2 version.

= [4.0.2] - 2024-10-25 =

**Fixed**

* ImageMagick: it crashes in some cases where the hosting does not have ImageMagick.

**Compatibility**

* WordPress: 4.1 - 6.7
* PHP: 5.6 - 8.4
* WP-CLI: 2.3.0 - 2.11.0

**Tests**

* PHP Coding Standards: 3.10.3
* WordPress Coding Standards: 3.1.0
* Plugin Check (PCP): 1.1.0
* SonarCloud Code Review

= [4.0.1] - 2024-10-04 =

**Fixed**

* API endpoints: some API endpoints were failing.
* CLI endpoints: some CLI endpoints were failing.

**Compatibility**

* WordPress: 4.1 - 6.7
* PHP: 5.6 - 8.4
* WP-CLI: 2.3.0 - 2.11.0

**Tests**

* PHP Coding Standards: 3.10.3
* WordPress Coding Standards: 3.1.0
* Plugin Check (PCP): 1.1.0
* SonarCloud Code Review

= [4.0.0] - 2024-10-01 =

**Added**

* ImageMagic vulnerabilities (Site Health + WP-CLI + API + mail).
* curl vulnerabilities (Site Health + WP-CLI + API + mail).
* memcached vulnerabilities (Site Health + WP-CLI + API + mail).
* Redis vulnerabilities (Site Health + WP-CLI + API + mail).
* SQLite vulnerabilities (Site Health + WP-CLI + API + mail).

**Fixed**

* Test email without email.
* Improved MariaDB 11.x detection.
* Improved versions detection (major-minor.patch-build).
* WordPress < 5.3: use of wp_date().
* WordPress < 5.0: locale detection.
* Dashboard widget only for users with capabilities.
* WordPress < 5.2: link to Site Health

**Changed**

* Big refactory.
* Less files, less size, improved code quality.

**Compatibility**

* WordPress: 4.1 - 6.7
* PHP: 5.6 - 8.4
* WP-CLI: 2.3.0 - 2.11.0

**Tests**

* Manual Testing:
  * WordPress 6.7 / PHP 8.4
  * WordPress 6.6 / PHP 8.3
  * WordPress 6.4 / PHP 8.2
  * WordPress 6.1 / PHP 8.1
  * WordPress 5.8 / PHP 8.0
  * WordPress 5.5 / PHP 7.4
  * WordPress 5.3 / PHP 7.3
  * WordPress 4.9 / PHP 7.2
  * WordPress 4.8 / PHP 7.1
  * WordPress 4.6 / PHP 7.0
  * WordPress 4.1 / PHP 5.6
* PHP Coding Standards: 3.10.3
* WordPress Coding Standards: 3.1.0
* Plugin Check (PCP): 1.1.0
* SonarCloud Code Review

= [3.4.1] - 2024-08-23 =

**Fixed**

* The number of vulnerabilities for core is incorrect.

**Compatibility**

* WordPress: 4.1 - 6.7
* PHP: 5.6 - 8.3
* WP-CLI: 2.3.0 - 2.11.0

**Tests**

* PHP Coding Standards: 3.10.2
* WordPress Coding Standards: 3.1.0
* Plugin Check (PCP): 1.0.2
* SonarCloud Code Review

= [3.4.0] - 2024-08-16 =

**Added**

* New checks for MariaDB vulnerabilities.
* New checks for MySQL vulnerabilities.
* WPVulnerability statistics in the configuration page.
* WPVulnerability contributors in the configuration page.

**Changed**

* Code improvement.
* Better UI for the configuration page.
* Web server version detection improved.

**Fixed**

* Get the statistics information the right way.

**Compatibility**

* WordPress: 4.1 - 6.7
* PHP: 5.6 - 8.3
* WP-CLI: 2.3.0 - 2.11.0

**Tests**

* PHP Coding Standards: 3.10.2
* WordPress Coding Standards: 3.1.0
* Plugin Check (PCP): 1.0.2
* SonarCloud Code Review

= [3.3.5] - 2024-08-14 =

**Added**

* Add counters for Core, Plugins, and Themes.
* Add a Vulnerabilities filter in the Plugin list (WordPress and WordPress Multisite).
* Add a Vulnerabilities filter in the Themes list (WordPress Multisite).

**Compatibility**

* WordPress: 4.1 - 6.7
* PHP: 5.6 - 8.3
* WP-CLI: 2.3.0 - 2.11.0

**Tests**

* PHP Coding Standards: 3.10.2
* WordPress Coding Standards: 3.1.0
* Plugin Check (PCP): 1.0.2
* SonarCloud Code Review

= [3.3.4] - 2024-08-12 =

**Fixed**

* The "Last updated on" column in the plugin list is available again.

**Compatibility**

* WordPress: 4.1 - 6.7
* PHP: 5.6 - 8.3
* WP-CLI: 2.3.0 - 2.11.0

**Tests**

* PHP Coding Standards: 3.10.2
* WordPress Coding Standards: 3.1.0
* Plugin Check (PCP): 1.0.2
* SonarCloud Code Review

= [3.3.3] - 2024-08-05 =

**Fixed**

* The Dashboard panel is availbale, again.

**Compatibility**

* WordPress: 4.1 - 6.7
* PHP: 5.6 - 8.3
* WP-CLI: 2.3.0 - 2.10.0

**Tests**

* PHP Coding Standards: 3.10.2
* WordPress Coding Standards: 3.1.0
* Plugin Check (PCP): 1.0.2
* SonarCloud Code Review

= [3.3.1] - 2024-08-02 =

**Fixed**

* Delete the wp_is_rest_endpoint check. Does not need it.

**Compatibility**

* WordPress: 4.1 - 6.7
* PHP: 5.6 - 8.3
* WP-CLI: 2.3.0 - 2.10.0

**Tests**

* PHP Coding Standards: 3.10.2
* WordPress Coding Standards: 3.1.0
* Plugin Check (PCP): 1.0.2
* SonarCloud Code Review

= [3.3.0] - 2024-08-02 =

**Added**

* Ability to exclude of vulnerability types at a global level.
* WP-CLI commands formats (--format=[table,json]).
* REST API endpoints (requires Application Password).

**Changed**

* README file.

**Compatibility**

* WordPress: 4.1 - 6.7
* PHP: 5.6 - 8.3
* WP-CLI: 2.3.0 - 2.10.0

**Tests**

* PHP Coding Standards: 3.10.2
* WordPress Coding Standards: 3.1.0
* Plugin Check (PCP): 1.0.2
* SonarCloud Code Review

= [3.2.2] - 2024-07-27 =

**Added**

* Ability to configure a different From: email address for sending vulnerability notifications via `wp-config.php`.

**Changed**

* The URL for the website now uses its own domain name.
* Dashboard visibility is restricted to users with specific capabilities, similar to Site Health.

**Fixed**

* Various minor fixes to prevent warnings and potential errors due to misconfigured WordPress setups.
* Allow loading of some necessary libraries.

**Compatibility**

* WordPress: 4.1 - 6.6
* PHP: 5.6 - 8.3
* WP-CLI: 2.3.0 - 2.10.0

**Tests**

* WordPress Coding Standards: 3.1.0
* Plugin Check (PCP): 1.0.2
* SonarCloud Code Review

= [3.2.0] - 2024-05-08 =

**Added**

* Apache HTTPD vulnerabilities (Site Health).
* nginx vulnerabilities (Site Health).

**Changed**

* License updated to GPL 2.0 or later.

**Compatibility**

* WordPress 4.1 - WordPress 6.6.
* PHP 5.6 - PHP 8.3.
* WordPress Coding Standards 3.1.0.
* WP-CLI 2.3.0 - WP-CLI 2.10.0.
* Plugin Check (PCP)

= [3.1.2] - 2024-05-08 =

**Fixed**

* In some cases (when calling it directly, or wget), the cron was not working and gave an error.
* The license had a non-compliance ID. Now, same license but working.
* General improvements.

**Changed**

* The URL from the API is using its own domain name.

**Compatibility**

* WordPress 4.1 - WordPress 6.6.
* PHP 5.6 - PHP 8.3.
* WordPress Coding Standards 3.1.0.
* WP-CLI 2.3.0 - WP-CLI 2.10.0.
* Plugin Check (PCP)

= [3.1.1] - 2024-02-11 =

**Fixed**

* Fixes some possible PHP warnings when retrieving data from the API.
* Delete old schedules when unistalling the plugin.
* Fix how is printed the High severity.

**Deleted**

* The plugin will not show the Exploitability information.

**Compatibility**

* Compatibility: WordPress 4.1 - WordPress 6.5.
* Compatibility: PHP 5.6 - PHP 8.3.
* Compatibility: WordPress Coding Standards 3.0.1.
* Compatibility: WP-CLI 2.3.0 - WP-CLI 2.10.0.

= [3.1.0] - 2024-02-04 =

**Added**

* A new column in the plugin list, with the last updated day (and diff).
* A notice if the plugin is closed in the WordPress.org repo.

**Fixed**

* Fixes the schedule in some cases.
* Fixes the PHP format (using always the n.n / n.n.n format).

**Compatibility**

* Compatibility: WordPress 4.1 - WordPress 6.5.
* Compatibility: PHP 5.6 - PHP 8.3.
* Compatibility: WordPress Coding Standards 3.0.1.
* Compatibility: WP-CLI 2.3.0 - WP-CLI 2.9.0.

= [3.0.2] - 2024-01-27 =

**Fixed**

* Fixes the WordPress Multisite saving options.

**Compatibility**

* Compatibility: WordPress 4.1 - WordPress 6.5.
* Compatibility: PHP 5.6 - PHP 8.3.
* Compatibility: WordPress Coding Standards 3.0.1.
* Compatibility: WP-CLI 2.3.0 - WP-CLI 2.9.0.

= [3.0.1] - 2023-12-19 =

**Fixed**

* Test email with the actual vulnerabilities (or a test message), now forced when the button is clicked.
* Fixed some strings (thanks @alexclassroom).
* WordPress Coding Standards 3.0.1 up-to-date.

**Compatibility**

* Compatibility: WordPress 4.1 - WordPress 6.4.
* Compatibility: PHP 5.6 - PHP 8.3.
* Compatibility: WordPress Coding Standards 3.0.1.
* Compatibility: WP-CLI 2.3.0 - WP-CLI 2.9.0.

= [3.0.0] - 2023-12-09 =

**Added**

* WordPress Multisite support.
* PHP vulnerabilities (Site Health).
* Reload the data from source.
* Test email with the actual vulnerabilities.

**Changed**

* Loading the data in better way.

**Compatibility**

* Compatibility: WordPress 4.1 - WordPress 6.4.
* Compatibility: PHP 5.6 - PHP 8.3.
* Compatibility: WordPress Coding Standards 3.0.1.
* Compatibility: WP-CLI 2.3 - WP-CLI 2.9.0.

= [2.2.1] - 2023-10-02 =

**Added**

* New security information (at WordPress.org plugin page).
* New privacy information (at WordPress.org plugin page).
* New compatibility information (at WordPress.org plugin page).
* New vulnerabilities information (at WordPress.org plugin page).
* New profiling information (at WordPress.org plugin page).

**Changed**

* Promoted dashboard.
* Performance improvement: only load the plugin in the admin area.

**Compatibility**

* Compatibility: WordPress 4.1 - WordPress 6.4.
* Compatibility: PHP 5.6 - PHP 8.3.
* Compatibility: WordPress Coding Standards 3.0.1.
* Compatibility: WP-CLI 2.3 - WP-CLI 2.8.1.

= [2.2.0] - 2023-09-14 =

**Added**

* New Dashboard, with a Vulnerability summary and products affected.

**Compatibility**

* Compatibility: WordPress 4.1 - WordPress 6.3.
* Compatibility: PHP 5.6 - PHP 8.3.
* Compatibility: WordPress Coding Standards 3.0.0.
* Compatibility: WP-CLI 2.3 - WP-CLI 2.8.

= [2.1.0] - 2023-09-11 =

**Changed**

* Improved detection of plugins folders. This shpould reduce the false positives in some plugins, and Pro/Premium plugins.

**Compatibility**

* Compatibility: WordPress 4.1 - WordPress 6.3.
* Compatibility: PHP 5.6 - PHP 8.3.
* Compatibility: WordPress Coding Standards 3.0.0.
* Compatibility: WP-CLI 2.3 - WP-CLI 2.7.

= [2.0.4] - 2023-09-10 =

**Compatibility**

* WordPress Coding Standards 3.0.0 compatible.

= [2.0.3] - 2023-07-27 =

**Added**

* Validate secure requests to the API.

**Changed**

* Reduce API timeout request time from 10.0 seconds to 2.5 seconds.

**Compatibility**

* Compatibility: WordPress 4.1 - WordPress 6.3.
* Compatibility: PHP 5.6 - PHP 8.3.

= [2.0.2] - 2023-04-24 =

**Fixed**

* Fix the Notification system.

= [2.0.1] - 2023-04-20 =

**Added**

* Added new options to cache the vulnerability counter.

**Changed**

* Update the readme.txt.

**Fixed**

* Fix the Site Health messages.

= [2.0.0] - 2023-04-15 =

**Added**

* If the WordPress version supports it, vulnerabilities are displayed in the Core update screen.
* Calls can be made from WP-CLI `wp help wpvulnerability` to list vulnerabilities in Core `wp wpvulnerability core`, Plugins `wp wpvulnerability plugins` and Themes `wp wpvulnerability themes`. Before only Plugins.
* Site Health shows core vulnerabilities, which were not previously shown.

**Changed**

* The plugin has been completely refactored.

**Compatibility**

* Compatibility: WordPress 4.1 - WordPress 6.2
* Compatibility: PHP 5.6 - PHP 8.2
* Compatibility: WP-CLI 2.3 - 2.7

= [1.3.2] - 2023-03-22 =

**Changed**

* Code security improvements

**Fixed**

* Fix some PHP errors

= [1.3.2] - 2023-03-22 =

**Changed**

* Code security improvements

**Fixed**

* Fix some PHP errors

= [1.3.1] - 2023-02-27 =

**Changed**

* Code security improvements
* Fix the Severity value
* A better Site Health information

**Compatibility**

* Compatibility: WordPress 5.2 - WordPress 6.2
* Compatibility: PHP 7.2 - PHP 8.1

= [1.3.0] - 2023-02-27 =

**Added**

* Information, when available, about the vulnerability, in a simplified way. Only in the plugin list.
* Information, when available, about the potential severity and exploitability. Only in the plugin list.
* Links to sources to get additional information. Only in the plugin list.

**Changed**

* Improved security in code.

= [1.2.4] - 2023-02-20 =

**Compatibility**

* Compatibility: WordPress 5.2 - WordPress 6.2
* Compatibility: PHP 7.2 - PHP 8.1 

= [1.2.3] - 2023-01-30 =

**Fixed**

* Fix WP_Error object.

= [1.2.2] - 2023-01-30 =

**Fixed**

* Fix WP_Error object.

= [1.2.1] - 2023-01-09 =

**Fixed**

* Some fixed to improve the operators.

= [1.2.0] - 2022-12-15 =

**Added**

* Sends email periodically. You can choose who is going to receive the emails.
* First approach to WPCLI Commands (thanks to @lbonomo).

= [1.1.0] - 2022-05-18 =

**Fixed**

* Fix: Prevents text domain not given correctly.
* Fix: strings not translated.

= [1.0.1] - 2022-05-17 =

**Fixed**

* Fix: strings not translated.

= [1.0.0] - 2022-05-16 =

**Added**

* Added tabs in Health check.

= [0.2.0] - 2022-05-07 =

**Added**

* Improved the information in plugins list.

= [0.1.0] - 2022-05-06 =

**Added**

* Notification in the plugins list.
* First release.
@ Telegram