Versioned Changelog

* Added a convenient ‘Settings’ link on the main WordPress Plugins page to improve user navigation.
* Added admin notice with direct support ticket link for users experiencing technical issues.

* Fix – Address issues with blocks not rendering as expected.
* Dev – Bump WooCommerce “tested up to” version 10.0.
* Dev – Bump WooCommerce minimum supported version to 9.8.

*Update: PLUGINS-2936 – Prevent .htaccess Conflicts Causing Mobile Download Issues.

* NEW: ANT_FRAUD-61 – Whitelisting and Blacking functionality for the mobile number verification.

* Fix: Restores normal behavior for the report caching updates scheduled action, which was failing due to a bad filepath.
* Fix: Fix error when placing an order with a valid card after using a declined one.
* Fix: Fix order renewal errors when using some plugins.
* Fix: Prevent fatal errors when loading or deleting subscriptions with corrupted date values stored in a database.
* Fix: Prevent fatal errors when trying to save invalid date values and display better error messages instead.
* Fix: Fix broken blocks and javascript translations.
* Fix: Keep newly created subscriptions in pending status when initial payment fails instead of putting them on hold.
* Dev: Improve test suite bootstrap process by postponing interactions with Action Scheduler until it has fully initialized.
* Dev: Plugin upgrade routines will now be triggered by changes in the main plugin version (and not the core library version).
* Dev: Update wcs_is_paypal_profile_a() so it handles non-string parameters more gracefully. This is principally to reduce noise levels when running the test suite.
* Dev: Proactively reviewed and hardened code to improve our security posture going forward.

* UPDATE: Corrected automatic user login flow after account creation by replacing wp_set_current_user() and wp_set_auth_cookie() with wp_signon().
* UPDATE: Added username existence check to avoid conflicts when generating usernames from email addresses.
* UPDATE: Sanitized $_POST[‘apple-token-redsys’] input variable.
* UPDATE: Secured wp_remote_*() calls with host validation to prevent SSRF vulnerabilities.
* UPDATE: Added permission_callback checks for REST endpoints using referer validation to avoid public access.
* UPDATE: Enabled CURLOPT_SSL_VERIFYHOST = 2 and CURLOPT_SSL_VERIFYPEER = 1 in Redsys API library to enforce proper SSL certificate validation and prevent MITM attacks.
* UPDATE: Justified use of wp_redirect() for external OAuth flow with proper comment.
* UPDATE: Escaped dynamic CSS output for safe rendering.

* Update: Improvement made in Buy Again test email on WooCommerce email settings.
* Dev: Bump WooCommerce “tested up to” version 9.9.5.
* Dev: Bump WordPress “tested up to” version 6.8.1.
* Fix: Fatal error thrown on product page when the previous order is deleted.

* New – Free Gift mode that allows waiving the shipping cost is supported.
* New – Added REST API endpoints support to full CRUD operation for Free Gift rule(s) and Master Log.
* Dev – Bump WooCommerce “tested up to” version 9.9.5.
* Update – Modified REST API response key names for Free Gift rule(s).
* Fix – Free Gift is not awarded when the coupon code is applied with case discrepancies.